Deploying Avaya Equinox Solution
Release 9.1 Issue 2 April 2018 © 2010-2018, Avaya Inc. YOU DO NOT WISH TO ACCEPT THESE TERMS OF USE, YOU All Rights Reserved. MUST NOT ACCESS OR USE THE HOSTED SERVICE OR AUTHORIZE ANYONE TO ACCESS OR USE THE HOSTED Notice SERVICE. While reasonable efforts have been made to ensure that the Licenses information in this document is complete and accurate at the time of printing, Avaya assumes no liability for any errors. Avaya reserves THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYA the right to make changes and corrections to the information in this WEBSITE, HTTPS://SUPPORT.AVAYA.COM/LICENSEINFO, document without the obligation to notify any person or organization UNDER THE LINK “AVAYA SOFTWARE LICENSE TERMS (Avaya of such changes. Products)” OR SUCH SUCCESSOR SITE AS DESIGNATED BY AVAYA, ARE APPLICABLE TO ANYONE WHO DOWNLOADS, Documentation disclaimer USES AND/OR INSTALLS AVAYA SOFTWARE, PURCHASED “Documentation” means information published in varying mediums FROM AVAYA INC., ANY AVAYA AFFILIATE, OR AN AVAYA which may include product information, operating instructions and CHANNEL PARTNER (AS APPLICABLE) UNDER A COMMERCIAL performance specifications that are generally made available to users AGREEMENT WITH AVAYA OR AN AVAYA CHANNEL PARTNER. of products. Documentation does not include marketing materials. UNLESS OTHERWISE AGREED TO BY AVAYA IN WRITING, Avaya shall not be responsible for any modifications, additions, or AVAYA DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE deletions to the original published version of Documentation unless WAS OBTAINED FROM ANYONE OTHER THAN AVAYA, AN AVAYA such modifications, additions, or deletions were performed by or on AFFILIATE OR AN AVAYA CHANNEL PARTNER; AVAYA the express behalf of Avaya. End User agrees to indemnify and hold RESERVES THE RIGHT TO TAKE LEGAL ACTION AGAINST YOU harmless Avaya, Avaya's agents, servants and employees against all AND ANYONE ELSE USING OR SELLING THE SOFTWARE claims, lawsuits, demands and judgments arising out of, or in WITHOUT A LICENSE. BY INSTALLING, DOWNLOADING OR connection with, subsequent modifications, additions or deletions to USING THE SOFTWARE, OR AUTHORIZING OTHERS TO DO SO, this documentation, to the extent made by End User. YOU, ON BEHALF OF YOURSELF AND THE ENTITY FOR WHOM YOU ARE INSTALLING, DOWNLOADING OR USING THE Link disclaimer SOFTWARE (HEREINAFTER REFERRED TO Avaya is not responsible for the contents or reliability of any linked INTERCHANGEABLY AS “YOU” AND “END USER”), AGREE TO websites referenced within this site or Documentation provided by THESE TERMS AND CONDITIONS AND CREATE A BINDING Avaya. Avaya is not responsible for the accuracy of any information, CONTRACT BETWEEN YOU AND AVAYA INC. OR THE statement or content provided on these sites and does not APPLICABLE AVAYA AFFILIATE (“AVAYA”). necessarily endorse the products, services, or information described Avaya grants You a license within the scope of the license types or offered within them. Avaya does not guarantee that these links will described below, with the exception of Heritage Nortel Software, for work all the time and has no control over the availability of the linked which the scope of the license is detailed below. Where the order pages. documentation does not expressly identify a license type, the Warranty applicable license will be a Designated System License as set forth below in the Designated System(s) License (DS) section as Avaya provides a limited warranty on Avaya hardware and software. applicable. The applicable number of licenses and units of capacity Refer to your sales agreement to establish the terms of the limited for which the license is granted will be one (1), unless a different warranty. In addition, Avaya’s standard warranty language, as well as number of licenses or units of capacity is specified in the information regarding support for this product while under warranty is documentation or other materials available to You. “Software” means available to Avaya customers and other parties through the Avaya computer programs in object code, provided by Avaya or an Avaya Support website: https://support.avaya.com/helpcenter/ Channel Partner, whether as stand-alone products, pre-installed on getGenericDetails?detailId=C20091120112456651010 under the link hardware products, and any upgrades, updates, patches, bug fixes, “Warranty & Product Lifecycle” or such successor site as designated or modified versions thereto. “Designated Processor” means a single by Avaya. Please note that if You acquired the product(s) from an stand-alone computing device. “Server” means a set of Designated authorized Avaya Channel Partner outside of the United States and Processors that hosts (physically or virtually) a software application Canada, the warranty is provided to You by said Avaya Channel to be accessed by multiple users. “Instance” means a single copy of Partner and not by Avaya. the Software executing at a particular time: (i) on one physical “Hosted Service” means an Avaya hosted service subscription that machine; or (ii) on one deployed software virtual machine (“VM”) or You acquire from either Avaya or an authorized Avaya Channel similar deployment. Partner (as applicable) and which is described further in Hosted SAS License type(s) or other service description documentation regarding the applicable hosted service. If You purchase a Hosted Service subscription, the Designated System(s) License (DS). End User may install and use foregoing limited warranty may not apply but You may be entitled to each copy or an Instance of the Software only: 1) on a number of support services in connection with the Hosted Service as described Designated Processors up to the number indicated in the order; or 2) further in your service description documents for the applicable up to the number of Instances of the Software as indicated in the Hosted Service. Contact Avaya or Avaya Channel Partner (as order, Documentation, or as authorized by Avaya in writing. Avaya applicable) for more information. may require the Designated Processor(s) to be identified in the order by type, serial number, feature key, Instance, location or other Hosted Service specific designation, or to be provided by End User to Avaya through THE FOLLOWING APPLIES ONLY IF YOU PURCHASE AN AVAYA electronic means established by Avaya specifically for this purpose. HOSTED SERVICE SUBSCRIPTION FROM AVAYA OR AN AVAYA Concurrent User License (CU). End User may install and use the CHANNEL PARTNER (AS APPLICABLE), THE TERMS OF USE Software on multiple Designated Processors or one or more Servers, FOR HOSTED SERVICES ARE AVAILABLE ON THE AVAYA so long as only the licensed number of Units are accessing and using WEBSITE, HTTPS://SUPPORT.AVAYA.COM/LICENSEINFO UNDER the Software at any given time. A “Unit” means the unit on which THE LINK “Avaya Terms of Use for Hosted Services” OR SUCH Avaya, at its sole discretion, bases the pricing of its licenses and can SUCCESSOR SITE AS DESIGNATED BY AVAYA, AND ARE be, without limitation, an agent, port or user, an e-mail or voice mail APPLICABLE TO ANYONE WHO ACCESSES OR USES THE account in the name of a person or corporate function (e.g., HOSTED SERVICE. BY ACCESSING OR USING THE HOSTED webmaster or helpdesk), or a directory entry in the administrative SERVICE, OR AUTHORIZING OTHERS TO DO SO, YOU, ON database utilized by the Software that permits one user to interface BEHALF OF YOURSELF AND THE ENTITY FOR WHOM YOU ARE with the Software. Units may be linked to a specific, identified Server DOING SO (HEREINAFTER REFERRED TO INTERCHANGEABLY or an Instance of the Software. AS “YOU” AND “END USER”), AGREE TO THE TERMS OF USE. IF YOU ARE ACCEPTING THE TERMS OF USE ON BEHALF A Named User License (NU). You may: (i) install and use each copy or COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT Instance of the Software on a single Designated Processor or Server YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THESE per authorized Named User (defined below); or (ii) install and use TERMS OF USE. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF each copy or Instance of the Software on a Server so long as only authorized Named Users access and use the Software. “Named User”, means a user or device that has been expressly authorized by REMUNERATION TO (i) ENCODE VIDEO IN COMPLIANCE WITH Avaya to access and use the Software. At Avaya’s sole discretion, a THE AVC STANDARD (“AVC VIDEO”) AND/OR (ii) DECODE AVC “Named User” may be, without limitation, designated by name, VIDEO THAT WAS ENCODED BY A CONSUMER ENGAGED IN A corporate function (e.g., webmaster or helpdesk), an e-mail or voice PERSONAL ACTIVITY AND/OR WAS OBTAINED FROM A VIDEO mail account in the name of a person or corporate function, or a PROVIDER LICENSED TO PROVIDE AVC VIDEO. NO LICENSE IS directory entry in the administrative database utilized by the Software GRANTED OR SHALL BE IMPLIED FOR ANY OTHER USE. that permits one user to interface with the Software. ADDITIONAL INFORMATION MAY BE OBTAINED FROM MPEG LA, L.L.C. SEE HTTP://WWW.MPEGLA.COM. Shrinkwrap License (SR). You may install and use the Software in accordance with the terms and conditions of the applicable license Service Provider agreements, such as “shrinkwrap” or “clickthrough” license accompanying or applicable to the Software (“Shrinkwrap License”). THE FOLLOWING APPLIES TO AVAYA CHANNEL PARTNER’S HOSTING OF AVAYA PRODUCTS OR SERVICES. THE PRODUCT Heritage Nortel Software OR HOSTED SERVICE MAY USE THIRD PARTY COMPONENTS SUBJECT TO THIRD PARTY TERMS AND REQUIRE A SERVICE “Heritage Nortel Software” means the software that was acquired by PROVIDER TO BE INDEPENDENTLY LICENSED DIRECTLY FROM Avaya as part of its purchase of the Nortel Enterprise Solutions THE THIRD PARTY SUPPLIER. AN AVAYA CHANNEL PARTNER’S Business in December 2009. The Heritage Nortel Software is the HOSTING OF AVAYA PRODUCTS MUST BE AUTHORIZED IN software contained within the list of Heritage Nortel Products located WRITING BY AVAYA AND IF THOSE HOSTED PRODUCTS USE at https://support.avaya.com/LicenseInfo under the link “Heritage OR EMBED CERTAIN THIRD PARTY SOFTWARE, INCLUDING Nortel Products” or such successor site as designated by Avaya. For BUT NOT LIMITED TO MICROSOFT SOFTWARE OR CODECS, Heritage Nortel Software, Avaya grants Customer a license to use THE AVAYA CHANNEL PARTNER IS REQUIRED TO Heritage Nortel Software provided hereunder solely to the extent of INDEPENDENTLY OBTAIN ANY APPLICABLE LICENSE the authorized activation or authorized usage level, solely for the AGREEMENTS, AT THE AVAYA CHANNEL PARTNER’S EXPENSE, purpose specified in the Documentation, and solely as embedded in, DIRECTLY FROM THE APPLICABLE THIRD PARTY SUPPLIER. for execution on, or for communication with Avaya equipment. Charges for Heritage Nortel Software may be based on extent of WITH RESPECT TO CODECS, IF THE AVAYA CHANNEL activation or use authorized as specified in an order or invoice. PARTNER IS HOSTING ANY PRODUCTS THAT USE OR EMBED THE G.729 CODEC, H.264 CODEC, OR H.265 CODEC, THE Copyright AVAYA CHANNEL PARTNER ACKNOWLEDGES AND AGREES Except where expressly stated otherwise, no use should be made of THE AVAYA CHANNEL PARTNER IS RESPONSIBLE FOR ANY materials on this site, the Documentation, Software, Hosted Service, AND ALL RELATED FEES AND/OR ROYALTIES. THE G.729 or hardware provided by Avaya. All content on this site, the CODEC IS LICENSED BY SIPRO LAB TELECOM INC. SEE documentation, Hosted Service, and the product provided by Avaya WWW.SIPRO.COM/CONTACT.HTML. THE H.264 (AVC) CODEC IS including the selection, arrangement and design of the content is LICENSED UNDER THE AVC PATENT PORTFOLIO LICENSE FOR owned either by Avaya or its licensors and is protected by copyright THE PERSONAL USE OF A CONSUMER OR OTHER USES IN and other intellectual property laws including the sui generis rights WHICH IT DOES NOT RECEIVE REMUNERATION TO: (I) ENCODE relating to the protection of databases. You may not modify, copy, VIDEO IN COMPLIANCE WITH THE AVC STANDARD (“AVC reproduce, republish, upload, post, transmit or distribute in any way VIDEO”) AND/OR (II) DECODE AVC VIDEO THAT WAS ENCODED any content, in whole or in part, including any code and software BY A CONSUMER ENGAGED IN A PERSONAL ACTIVITY AND/OR unless expressly authorized by Avaya. Unauthorized reproduction, WAS OBTAINED FROM A VIDEO PROVIDER LICENSED TO transmission, dissemination, storage, and or use without the express PROVIDE AVC VIDEO. NO LICENSE IS GRANTED OR SHALL BE written consent of Avaya can be a criminal, as well as a civil offense IMPLIED FOR ANY OTHER USE. ADDITIONAL INFORMATION under the applicable law. FOR H.264 (AVC) AND H.265 (HEVC) CODECS MAY BE OBTAINED FROM MPEG LA, L.L.C. SEE HTTP:// Virtualization WWW.MPEGLA.COM. The following applies if the product is deployed on a virtual machine. Compliance with Laws Each product has its own ordering code and license types. Note, unless otherwise stated, that each Instance of a product must be You acknowledge and agree that it is Your responsibility for separately licensed and ordered. For example, if the end user complying with any applicable laws and regulations, including, but not customer or Avaya Channel Partner would like to install two limited to laws and regulations related to call recording, data privacy, Instances of the same type of products, then two products of that intellectual property, trade secret, fraud, and music performance type must be ordered. rights, in the country or territory where the Avaya product is used. Third Party Components Preventing Toll Fraud “Third Party Components” mean certain software programs or “Toll Fraud” is the unauthorized use of your telecommunications portions thereof included in the Software or Hosted Service may system by an unauthorized party (for example, a person who is not a contain software (including open source software) distributed under corporate employee, agent, subcontractor, or is not working on your third party agreements (“Third Party Components”), which contain company's behalf). Be aware that there can be a risk of Toll Fraud terms regarding the rights to use certain portions of the Software associated with your system and that, if Toll Fraud occurs, it can (“Third Party Terms”). As required, information regarding distributed result in substantial additional charges for your telecommunications Linux OS source code (for those products that have distributed Linux services. OS source code) and identifying the copyright holders of the Third Avaya Toll Fraud intervention Party Components and the Third Party Terms that apply is available in the products, Documentation or on Avaya’s website at: https:// If You suspect that You are being victimized by Toll Fraud and You support.avaya.com/Copyright or such successor site as designated need technical assistance or support, call Technical Service Center by Avaya. The open source software license terms provided as Third Toll Fraud Intervention Hotline at +1-800-643-2353 for the United Party Terms are consistent with the license rights granted in these States and Canada. For additional support telephone numbers, see Software License Terms, and may contain additional rights benefiting the Avaya Support website: https://support.avaya.com or such You, such as modification and distribution of the open source successor site as designated by Avaya. software. The Third Party Terms shall take precedence over these Security Vulnerabilities Software License Terms, solely with respect to the applicable Third Party Components to the extent that these Software License Terms Information about Avaya’s security support policies can be found in impose greater restrictions on You than the applicable Third Party the Security Policies and Support section of https:// Terms. support.avaya.com/security. The following applies only if the H.264 (AVC) codec is distributed with Suspected Avaya product security vulnerabilities are handled per the the product. THIS PRODUCT IS LICENSED UNDER THE AVC Avaya Product Security Support Flow (https:// PATENT PORTFOLIO LICENSE FOR THE PERSONAL USE OF A support.avaya.com/css/P8/documents/100161515). CONSUMER OR OTHER USES IN WHICH IT DOES NOT RECEIVE Downloading Documentation For the most current versions of Documentation, see the Avaya Support website: https://support.avaya.com, or such successor site as designated by Avaya. Contact Avaya Support See the Avaya Support website: https://support.avaya.com for product or Hosted Service notices and articles, or to report a problem with your Avaya product or Hosted Service. For a list of support telephone numbers and contact addresses, go to the Avaya Support website: https://support.avaya.com (or such successor site as designated by Avaya), scroll to the bottom of the page, and select Contact Avaya Support. Trademarks The trademarks, logos and service marks (“Marks”) displayed in this site, the Documentation, Hosted Service(s), and product(s) provided by Avaya are the registered or unregistered Marks of Avaya, its affiliates, its licensors, its suppliers, or other third parties. Users are not permitted to use such Marks without prior written consent from Avaya or such third party which may own the Mark. Nothing contained in this site, the Documentation, Hosted Service(s) and product(s) should be construed as granting, by implication, estoppel, or otherwise, any license or right in and to the Marks without the express written permission of Avaya or the applicable third party. Avaya is a registered trademark of Avaya Inc. All non-Avaya trademarks are the property of their respective owners. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries. Contents
Chapter 1: About Avaya Equinox Conferencing...... 11 About this document...... 11 New in this release...... 11 Chapter 2: Before you begin...... 12 Component architecture...... 12 Licensing...... 18 Before You Begin checklist...... 19 Chapter 3: Installing Avaya Common Servers with Avaya Appliance Virtualization Platform...... 23 Downloading documentation...... 23 Initial AVP host configuration...... 23 Deploying the Solution Deployment Manager client...... 25 Chapter 4: Installing customer-provided servers...... 26 Prerequisites for OVA installation...... 26 Chapter 5: Before you begin software installation...... 27 Prerequisites for software installation...... 27 Latest software updates and patch information...... 28 Software installation checklist for SMB deployment...... 28 Software installation procedures for medium to large deployments...... 32 Software installation procedure for large deployments and for Service Providers...... 35 Software installation procedure for adding servers...... 39 Chapter 6: Equinox Management Deployment for Over the Top (OTT) Solution...... 41 Deployment of Equinox Management for OTT solution — Overview...... 41 Equinox Management Technical Specifications...... 42 Checklist for Deploying Equinox Management in an All-In-One Working Mode...... 45 Checklist for Deploying Equinox Management in a Distributed Working Mode...... 45 Downloading software from PLDS...... 46 Deploying the Equinox Management Server...... 47 Logging into Equinox Management...... 61 Configuring the All-In-One Equinox Management Server...... 68 Configuring the Distributed Equinox Management Server as an H.323 Gatekeeper...... 70 Configuring Gatekeepers in Avaya Equinox Management...... 72 Configuring Deployment of User Portal + Web Gateway...... 75 Creating a Distributed or Cluster User Portal + Web Gateway...... 79 Adding a UCCS Server in Equinox Management...... 82 Securing Connections With Equinox Management...... 85 Applying a Third-Party Certificate to the All-in-One Equinox Management Server...... 85 Applying a Third-Party Certificate to the Distributed Equinox Management Server...... 90 Installing the CA Certificate for Avaya Equinox Meetings for Web...... 93
April 2018 Deploying Avaya Equinox Solution 5 Comments on this document? [email protected] Contents
Configuring User Portal / Web Gateway Settings...... 98 Updating a User License...... 103 Switching Equinox Management from Port Based to User Based Licensing...... 105 Deploying and Configuring the Equinox Management Environment...... 108 Troubleshooting...... 109 Chapter 7: Equinox Management Deployment for Team Engagement (TE) solution..... 112 Deployment of Equinox Management for TE solution — Overview...... 112 Checklist for Deploying Equinox Management in Team Engagement...... 112 Deploying the Avaya Aura® Web Gateway...... 114 Configuring the Avaya Aura Web Gateway in Equinox Management...... 114 Managing Licenses Via the Web-based License Manager (WebLM)...... 115 Installing a User License On the Local WebLM Server...... 115 Installing the User License On the External WebLM Server...... 118 Integrating Avaya Aura® Users Into Equinox Management Via System Manager...... 122 Configuring the Equinox Conferencing Element in System Manager...... 123 Configuring SSO for Equinox Conferencing...... 126 Adding Avaya Aura® Users in Equinox Management...... 129 Deploying and Configuring the Equinox Management Environment...... 130 Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component...... 130 Adding a SIP Entity for the Equinox B2BUA Component...... 131 Adding a SIP Entity Link/SIP Trunk For the Equinox B2BUA Component...... 132 Adding Routing Policies For the Equinox B2BUA Component...... 132 Adding Dial Patterns for the Equinox B2BUA Component...... 133 Configuring Equinox Management for Interoperability with Avaya Aura®...... 134 Adding a SIP Trunk from the Equinox B2BUA Component to Session Manager...... 134 Changing the Default SIP Domain in Equinox Management...... 135 Configuring Ad Hoc Conferencing in a Team Engagement (TE) Environment...... 136 Chapter 8: Equinox Media Server deployment...... 137 Equinox Media Server overview...... 137 Equinox Media Server deployment checklist...... 138 Equinox Media Server on AWS deployment checklist...... 138 Equinox Media Server video conferencing mode administration checklist...... 139 Equinox Media Server audio-only conferencing mode administration checklist...... 140 Equinox Media Server web collaboration mode administration checklist...... 140 Equinox Media Server WebRTC gateway administration checklist...... 141 Technical specifications...... 142 Capacity and scalability...... 143 Downloading software from PLDS...... 144 Deploying the Equinox Media Server OVA...... 145 Deploying the Equinox Media Server virtual machine...... 145 Starting the Equinox Media Server virtual machine...... 149 Configuring the Equinox Media Server IP addresses using vSphere Client Console...... 149
April 2018 Deploying Avaya Equinox Solution 6 Comments on this document? [email protected] Contents
Configuring the virtual machine automatic startup settings on VMware...... 151 Deploying Equinox Media Server on AWS...... 151 Signing in to the Amazon Web Services Management console...... 151 Creating a key pair...... 152 Configuring PuTTY...... 152 Creating a bucket for uploading the OVAs for AMI conversion...... 153 Uploading the Equinox Media Server OVA...... 154 Creating a Linux Amazon EC2 virtual server instance...... 154 Creating a user access key...... 156 Obtaining the virtual server instance user ID...... 156 Importing the OVA for AMI conversion...... 156 Creating an IAM role for the takeover of the floating IP address...... 159 Launching an Amazon EC2 instance...... 161 Deploying the Equinox Media Server AMI...... 161 Configuring Equinox Media Server on AWS...... 163 Equinox Media Server initial configuration...... 165 Adding Equinox Media Server in Equinox Management...... 165 Add Media Servers field descriptions...... 165 Adding Equinox Media Server in Equinox Management as a gateway...... 166 Add Gateway field descriptions...... 167 Configuring the Equinox Media Server network settings...... 167 Configuration field descriptions...... 168 Adding or updating the Equinox Media Server licenses...... 169 Changing the Equinox Media Server working mode...... 170 Customizing audio messages...... 171 Secure connection with Equinox Management...... 172 Chapter 9: Scopia Elite 6000 MCU deployment...... 175 Scopia Elite MCU overview...... 175 Scopia® Elite 6000 MCU deployment checklist...... 175 Technical specifications...... 176 About the Capacity of the MCU...... 178 Ports to Open for the Scopia® Elite 6000 MCU...... 179 Configuring the IP addresses...... 182 Configuring IP separation...... 187 Configuring Ports on All Models of the Scopia Elite MCU...... 191 Configuring the UDP port ranges for RTP/RTCP on Scopia® Elite 6000 MCU...... 192 Configuring the TCP Port Range for H.245 on Scopia® Elite 6000 MCU...... 192 Configuring the HTTP port on Scopia® Elite 6000 MCU...... 193 Configuring the UDP port for RAS on Scopia® Elite 6000 MCU...... 194 Configuring the UDP port for the gatekeeper on Scopia® Elite 6000 MCU...... 194 Configuring the TCP port for Q.931 on Scopia® Elite 6000 MCU...... 195 Configuring the TCP, UDP, and TLS port for SIP...... 196 Configuring the TCP port range for SIP BFCP on Scopia® Elite 6000 MCU...... 196
April 2018 Deploying Avaya Equinox Solution 7 Comments on this document? [email protected] Contents
Verifying the MCU Equinox H.323 Edge Installation...... 197 Chapter 10: Avaya Aura deployment...... 200 Deploying Avaya Aura components...... 200 Chapter 11: Migrating from Avaya Aura to Avaya Equinox...... 201 Introduction to migrating AAC8 data...... 201 Exporting data from Avaya Aura® Conferencing 8.0...... 205 Importing Avaya Aura® Conferencing data to Avaya Equinox Management 9.0...... 207 Chapter 12: Avaya Session Border Controller deployment for remote access in Over The Top solution...... 213 Deployment checklist for remote access in OTT — Non-tunneled mode...... 213 Planning your ASBCE deployment in the OTT solution...... 215 Small deployment...... 218 Medium deployment...... 220 Large deployment...... 221 Firewall traversal in OTT — normal security...... 223 Firewall traversal in OTT — enhanced security...... 225 Certificates...... 228 Creating a Certificate Signing Request...... 229 Generating and installing certificates with Aura System Manager default CA...... 230 Installing a CA certificate on ASBCE...... 231 Installing a certificate and key on ASBCE...... 232 Encrypting the key file...... 233 Associating an ASBCE certificate with the ASBCE TLS Client and Server Profiles...... 233 Configuring ASBCE network interfaces...... 234 Configuring ASBCE signaling interface...... 235 Configuring ASBCE media interface for OTT...... 235 Configuring ASBCE load monitoring for OTT...... 237 Configuring ASBCE server flows for OTT...... 238 Configuring the ASBCE STUN TURN server for OTT...... 239 OTT deployment — Single IP and single FQDN for HTTP traffic...... 239 Configuring remote client access to the Unified Portal ...... 242 Configuring Equinox Conference Control for OTT...... 242 Configuring web collaboration for OTT...... 243 Configuring reverse proxy for OTT...... 243 Configuring the ASBCE in Equinox Management...... 247 Configuring ASBCE support of unregistered Avaya SIP endpoints...... 248 Chapter 13: Avaya Session Border Controller deployment for remote access in Team Engagement solution...... 250 Deployment checklist for remote access in TE...... 250 Configuring TLS certificates using Avaya Aura® System Manager...... 252 Installing TLS certificates on ASBCE ...... 253 Associating certificates with TLS client and server profiles on ASBCE...... 254 Configuring ASBCE network interfaces...... 255
April 2018 Deploying Avaya Equinox Solution 8 Comments on this document? [email protected] Contents
Configuring ASBCE signaling interface...... 255 Configuring ASBCE media interface for TE...... 256 Configuring ASBCE load monitoring for TE...... 257 Configuring ASBCE server flows for TE...... 258 Configuring Avaya Aura® Web Gateway...... 259 Certificate setup in Avaya Aura® Web Gateway...... 260 Configuring the Avaya Aura® Web Gateway on Avaya Aura® Device Services...... 261 Configuring Avaya Equinox Management on Avaya Aura® Web Gateway...... 261 Configuring Avaya Aura® Web Gateway on Avaya Equinox Management ...... 263 Configuring HTTP reverse proxy settings on Avaya Aura® Web Gateway...... 264 Configuring STUN server settings on Avaya Aura® Web Gateway...... 264 Adding or editing Avaya Session Border Controller for Enterprise connections on the Avaya Aura® Web Gateway administration portal...... 265 Configuring web collaboration for TE...... 267 Configuring User portal access for TE...... 267 Adding the Media Server in Equinox Management...... 268 Configuring the Media Server network settings...... 269 Configuring ASBCE for remote client access in TE...... 272 Configuring Equinox Conference Control for TE...... 273 Configuring the reverse proxy rules on ASBCE in TE...... 273 Configuring Avaya Aura Device Services...... 276 Setting up a TLS link for Avaya Equinox Management...... 276 Configuring remote access...... 277 Configuring Avaya Aura Device Services in Avaya Equinox Management...... 278 Configuring TURN/STUN for WebRTC in TE...... 279 Configuring the TURN/STUN profile for WebRTC calls on ASBCE...... 279 Configuring the TURN relay service for WebRTC calls on Avaya SBCE...... 282 Configuring TURN/STUN on Equinox Management...... 283 Configuring ASBCE support of unregistered Avaya SIP endpoints...... 284 Chapter 14: Equinox H.323 Edge deployment...... 286 Equinox H.323 Edge overview...... 286 Equinox H.323 Edge virtual server deployment checklist...... 287 Equinox H.323 Edge initial configuration checklist...... 288 Technical specifications of Equinox H.323 Edge...... 288 Ports configuration...... 289 Equinox H.323 Edge virtual server deployment...... 293 Downloading software from PLDS...... 293 Deploying the Equinox H.323 Edge virtual server...... 294 Starting the Equinox H.323 Edge virtual server...... 295 Configuring the virtual machine automatic startup settings...... 295 Equinox H.323 Edge initial configuration...... 296 Adding networks to Equinox H.323 Edge...... 296 Adding Equinox H.323 Edge in Equinox Management...... 298
April 2018 Deploying Avaya Equinox Solution 9 Comments on this document? [email protected] Contents
Configuring IP separation in Equinox Management...... 298 Configuring Ports on the Equinox H.323 Edge server...... 299 Integrating the Equinox H.323 Edge server with Other Equinox Solution Components...... 301 Calls between internal and external endpoints...... 303 Secure connection with Equinox Management...... 310 Adding and updating licenses...... 313 Configuring remote access...... 314 Access field descriptions...... 314 Configuring QoS for audio and video...... 315 Creating an Equinox H.323 Edge server Cluster...... 316 Viewing the Avaya Equinox H.323 Edge Server Usage Rate...... 318 Chapter 15: Avaya Equinox Streaming and Recording deployment...... 320 Introducing Avaya Equinox Streaming and Recording...... 320 Avaya Equinox Streaming and Recording Server...... 320 Installing Avaya Equinox Streaming and Recording...... 331 Installation checklist...... 331 Physically connecting the new server...... 333 Initially configuring the new server...... 337 Configuring the new server...... 338 Licensing checklist...... 341 Configuring external addresses for public interfaces...... 351 Registering each of the components...... 353 Configuring delivery nodes...... 355 Configuring virtual delivery nodes...... 360 Configuring conference points...... 363 Specifying polling intervals and the network address...... 365 Configuring the recycle bin...... 366 Adding and Modifying Equinox Streaming and Recording Servers in Equinox Management 367 Configuring the Avaya Equinox Recording Gateway...... 368 Chapter 16: Upgrading to the Avaya Equinox solution...... 370 Upgrading the Equinox Solution...... 370 Chapter 17: Resources...... 371 Documentation...... 371 Finding documents on the Avaya Support website...... 374 Training...... 374 Support...... 375 Using the Avaya InSite Knowledge Base...... 375 Glossary...... 377
April 2018 Deploying Avaya Equinox Solution 10 Comments on this document? [email protected] Chapter 1: About Avaya Equinox Conferencing
About this document This document provides procedures required to perform the initial installation and deployment of Avaya Equinox® Release 9.x in an Aura Team Engagement and non-Aura Over The Top environment. This document also contains deployment overviews, technical requirements, and checklists for support throughout installation and deployment. The audience includes and is not limited to implementation engineers, field technicians, business partners, and customers.
New in this release Release 9.1, issue 2 of the Equinox Solution has the following deployment enhancements: • Applying a WebLM server license in an Over The Top environment • Configuring an ad hoc conference in a Team Engagement Environment • Confirming that the solution now supports VMware ESXi 6.5. • Documentation updates include: - Deployment procedures for Avaya Session Border Controller for Enterprise in the Avaya Equinox for Over The Top solution. - Deployment procedures for Avaya Session Border Controller for Enterprise in the Avaya Equinox for Team Engagement solution.
April 2018 Deploying Avaya Equinox Solution 11 Comments on this document? [email protected] Chapter 2: Before you begin
Component architecture The architecture of the Avaya Equinox Solution is built on new and improved existing software components using top technology operating system and applications, including video and audio codecs, web applications and edge elements. The 9.x release introduces the move from Scopia® Management suite to Equinox Management and the deployment of software-based, virtualized Equinox Media Server in addition to Scopia® Elite 6000 MCU. The solution components are distributed as Open Virtualization Appliances (OVAs), application software, or appliances. The OVAs run on Linux RH and allow components to co-reside on a single server for small deployments, or to be distributed on several servers for medium/large deployments. The Equinox Solution also introduces two deployment concepts: Team Engagement (integrating Avaya Aura® in the solution) and Over The Top (standalone, conferencing-only on the customer existing infrastructure). The figure below illustrates the deployment of key components for Avaya Equinox for Over The Top.
April 2018 Deploying Avaya Equinox Solution 12 Comments on this document? [email protected] Component architecture
Figure 1: OTT Component architecture
The figure below illustrates the deployment of key components for Avaya Equinox for Team Engagement.
April 2018 Deploying Avaya Equinox Solution 13 Comments on this document? [email protected] Before you begin
Figure 2: TE Component architecture
The OTT solution has these characteristics: • All deployments are without Avaya Aura® (including IP Office). • Equinox Management manages all conferencing components. • Unified Portal is for conferencing only. • Equinox Management can synchronize with the organization’s LDAP. • With/without third party PBX and/or SIP proxy. • Has Microsoft Lync/ Skype for Business support. The TE solution has these characteristics: • Calls go through Avaya Aura® Session Manager (SM)/Avaya Aura® Communication Manager (CM). • Avaya Aura® System Manager (SMGR) manages Avaya Aura® and collect logs and alarms (except for the Equinox Management ones). • Equinox Management manages all conferencing components. • Equinox Management synchronizes with Avaya Aura® Device Services (AADS) .
April 2018 Deploying Avaya Equinox Solution 14 Comments on this document? [email protected] Component architecture
• In future releases, Equinox Management will be synchronized and managed through SMGR. • The Unified Portal is not only used for conferencing and is not managed by Equinox Management. See the Avaya Aura® Conferencing documentation. Infrastructure components Equinox Management Server: This infrastructure component comprises the following modules:
Server/service Description Management The common management framework that provides centralized management functions for provisioning and administration. Management can synchronize with the organization’s LDAP with/without third party PBX and/or SIP proxy. H.323 Gatekeeper Previously called Avaya Scopia® ECS Gatekeeper when deployed as a standalone in the Scopia Solution. The gatekeeper provides address resolution functionality in H.323 networks. Only a distributed gatekeeper can support 15,000 concurrent calls. SIP B2BUA SIP Back-to-Back User Agent. Unified Portal Single portal from which the administrator can access conferencing functionalities such as meetings, user settings, recordings, and web collaboration libraries. In the OTT model, Avaya Aura® User Portal functionalities and Avaya Web Gateway functionalities are available as an integrated part of Equinox Management. When the OTT model is used in an Aura environment, the administrator can decide if the integrated Avaya Aura® User Portal and Avaya Web Gateway functionality, or separate instances of third components, are provided in the Avaya Aura® architecture. The User Portal is called Unified Portal in an OTT deployment. Only a distributed portal can support 15,000 concurrent calls. Web Gateway Web Gateway for WebRTC (HTTPS to SIP signaling). Relevant mainly for OTT and VAAS deployments. In a TE deployment, it is provided as a separate OVA (Avaya Aura® Web Gateway) and part of Avaya Aura®. This component requires a security mode and is available only in encrypted versions. Avaya SBCE is a required component for Meetings for Web (WebRTC) clients. Table continues…
April 2018 Deploying Avaya Equinox Solution 15 Comments on this document? [email protected] Before you begin
Server/service Description Equinox Conference Control Also called UCCS. This service uses the Unified Conference Control Protocol (UCCP), a web based protocol enabling Equinox clients and Meetings for Web clients to have conference control such as roster, moderator commands, and user commands. The client may reside in any location (private side, public side, a different company and so on). HTTP reverse proxy handles firewall traversal. Equinox Conference Control can be embedded in Equinox Management, and is used as a standalone to support 15,000 concurrent calls. When there are multiple distributed Equinox Conference Controls, Equinox Management chooses theEquinox Conference Control nearest to the Equinox Media Server.
Equinox Media Server: This infrastructure component is Avaya’s virtual application for multiparty audio, video, and data conferencing. It has two working modes: • Full Audio, Video, and Web Collaboration In this mode it supports from 10x HD 720p30 up to 40x HD 720p30 video transcoded channels per single OVA • High Capacity Audio + Web Collaboration In this mode it supports from 500 audio-web collaboration connection, up to 2,000 audio-web collaboration connection per single OVA. You can switch working modes from the Equinox Management interface. The Equinox Media Server cannot work in a mixed mode. To deploy a solution with both working modes, you need two Equinox Media Servers: one for the Full Audio, Video, Web Collaboration mode that also has WebRTC, and another one for the High Capacity Audio + Web Collaboration mode. You can also deploy the server as a gateway / Add-on for an existing Scopia® Elite 6000 MCU series. In this mode it performs as the WebRTC Gateway to add WebRTC functionality to the Scopia® Elite 6000 MCU series, or as the Web Collaboration Server (WCS) Media Server to add advanced content sharing functionalities of Web Collaboration services. The server includes the following modules:
Server/Service Description MCU Multiple Control Unit with has HD video transcoding and switching capacities. AAMS Avaya Aura® Media Server. High scale audio engine WCS Web Collaboration Server engine. The integrated server supports all the standalone Scopia® Web Collaboration server functionalities (from Version 8.3), Table continues…
April 2018 Deploying Avaya Equinox Solution 16 Comments on this document? [email protected] Component architecture
Server/Service Description including Web Conferencing Gateway (WCGW) capabilities for H.264, JPEG transcoding and JPEG/PNG encoding, and slider. The server provides advanced content sharing functionality for Scopia® Elite 6000 MCU which are not available with standard H.239/BFCP based content sharing.
Avaya Aura®: These infrastructure components include the following modules:
Module Description SM Avaya Aura® Session Manager. The SIP routing and integration tool. AADS Avaya Aura® Device Services. Provides a single place in the Aura architecture where devices (clients and endpoints) can store and retrieve data that users would want to see on any device, supporting a common user experience. In addition, it is a common place for configuration and deployment data. SMGR Avaya Aura® System Manager. The common management framework that provides centralized management functions for provisioning and administration. CM Avaya Aura® Communication Manager. Open, extensible IP telephony platform that can be deployed as an IP PBX, a Session Initiation Protocol (SIP)-only environment, or a hybrid platform that supports both SIP and non-SIP environments. PS Avaya Aura® Presence Services. Collects and disseminates rich presence from Avaya and third party sources across a diverse set of business environments, enabling users throughout the network to reach the people they need, leveraging the multiple channels of communications available to them. AMM Avaya Multimedia Messaging. Delivers powerful IM and presence capabilities for Avaya Equinox® users. Individuals and groups can interact and productively handle conversations and engage across locations and time. Avaya Aura® Media Server/Avaya Aura® Web Gateway High scale audio engine enabling users inside or outside the Enterprise to make a secure call from their web browser to any endpoint to which Avaya Aura® can deliver calls. Needed when Scopia® Elite 6000 MCU is used.
Scopia® Elite 6000 MCU:
April 2018 Deploying Avaya Equinox Solution 17 Comments on this document? [email protected] Before you begin
Scopia® Elite 6000 MCU is the platform for high definition multi-party conferencing. The MCU harnesses revolutionary processing power for demanding conferencing applications. Dual 1080p/ 60fps channels for video and content, simultaneous H.264 High Profile for bandwidth efficiency and H.264 Scalable Video Coding (SVC), along with multi-stream immersive telepresence connectivity deliver uncompromised multi-party collaboration. The server uses Equinox Media Server as a WebRTC Gateway or as a WCS Media Server. Equinox Streaming and Recording The server provides audio, web, and HD video recording as well as high scale streaming capability. It requires an additional component, called Avaya Equinox Recording Gateway (AERG). It facilitates recording of audio-only and web collaboration conferences or pure audio-only conferences hosted onEquinox Media Server and Scopia® Elite 6000 MCUs into AESR. For more information, see Release Notes for Avaya Equinox Recording Gateway on http:// support.avaya.com. Edge components Product Description Equinox H.323 Edge Allows external H.323 Video HD Room system to connect from outside the enterprise network through firewalls. Deploy Equinox H.323 Edge only in legacy Avaya Scopia solution deployments. The H.323 protocol is used only in legacy Avaya Scopia deployments. Avaya SBCE Allows external users and WebRTC users to connect to conferences in the enterprise local network. It provides: • Session Border Control (SBC). It allows connection remote audio and video SIP endpoints that are registered/not registered with the solution. These can be XT Series endoints or third-party video endpoints (Cisco and Polycom). • HTTP reverse proxy • TURN/STUN server for ICE, for connecting WebRTC end users with audio and video through firewalls.
Licensing The licensing functionality operates in a different way, depending on your type of Avaya Equinox Solution. The solution is called Avaya Equinox for Over The Top (OTT) when it ties to the customer existing infrastructure and provides services over the top of this infrastructure without requiring it to be upgraded or replaced.
April 2018 Deploying Avaya Equinox Solution 18 Comments on this document? [email protected] Before You Begin checklist
The solution that tightly integrates with Avaya Aura® components is called Avaya Equinox for Team Engagement and is deployed in medium and large enterprises. The licenses can be grouped into these categories: • Enterprise Edition with a port-based and user-based license model. Port-based licenses are required for the OTT solution, and user licenses (Avaya Aura® Power Suite) for the TE solution. • Service Provider Edition, with a port-based or virtual room (cloud) based license model. Note: From Release 9.1 a Power Suite Equinox Management license enables upgrading from OTT to TE. For detailed information, see the Administrator Guide for Avaya Equinox Management on http://support.avaya.com. For information on how to apply the conferencing license keys, see the license installation topic in each component deployment chapter. For license key activation in Avaya Aura® components, see the Avaya Aura® Conferencing documentation. Avaya Equinox Management maintains the deployment’s licenses for these products and allows the administrator to easily view and update the product’s license: • Equinox Management • Web Gateway (Equinox Management) • Avaya Conferencing Recording Gateway (ACRG) • Equinox Media Server (MCU and AMS) • Web Collaboration Server • Scopia Elite MCU • Equinox H.323 Edge • XT Series New upgrades and installations include a number of default licenses. If licensing limits are exceeded, Equinox Management displays full explanatory error messages to users. Licenses must be periodically renewed. If they are not renewed, they expire.
Before You Begin checklist The following checklist provides the high level steps and considerations prior to beginning your the installation of your Avaya Equinox Solution. The checklist applies to Avaya Equinox for Over The Top (standalone) and Avaya Equinox for Team Engagement solutions. The TE solution comprises the Avaya Aura® environment. Note:
April 2018 Deploying Avaya Equinox Solution 19 Comments on this document? [email protected] Before you begin
If you are migrating from Avaya Aura® Conferencing Release 8.x, see Introduction to migrating AAC8 data on page 201 and related topics. If you are upgrading from Avaya Scopia® Solution 8.3.6, see the solution Release Notes that are available from http://support.avaya.com.
No. Task Description Notes
1 Determine your For information about deployment layout type deployment types, see based on the capacity the various Solution and scaling Guides listed in the requirements for your Documentation on location. page 371 section of this guide. 2 Install the Avaya See Downloading Common Server. Or documentation on prepare your server for page 23 for installing the installation of Avaya Common Avaya Equinox® Server. components. 3 Obtain the latest Avaya Download from Avaya To find your downloads Equinox Solution PLDS. in PLDS, select View software installation Downloads. In the and patches. Download field, search for Equinox 9.x files (for example, 9.1). 4 Determine the required For all deployments, number of IP you must use FQDNs. addresses for your FQDNs are essential deployment when using TLS. configuration, hostnames, and FQDNs. Register the required FQDNs with the appropriate DNS servers. FQDNs are required for single sign-on (SSO) to enable you to administer components. To use SSO, the components must Table continues…
April 2018 Deploying Avaya Equinox Solution 20 Comments on this document? [email protected] Before You Begin checklist
No. Task Description Notes
belong to the same root domain. 5 If you are deploying your system with TLS enabled, ensure Certificate Authorities are imported and certificates are assigned. 6 Obtain the supported For the supported web Web browsers. browsers, check the latest Avaya Equinox Solution Release Notes which are available from http:// support.avaya.com 7 Obtain the licensing See application • Avaya Equinox for information from installations. Over The Top uses Avaya. port-based licenses. • Avaya Equinox Cloud Services (which is an OTT solution) uses Virtual Room licenses. • Avaya Equinox for Team Engagement uses user-based licenses. • From Release 9.1 a Power Suite Equinox Management license enables upgrading from OTT to TE. For detailed information, see the Administrator Guide for Avaya Equinox Management on http:// support.avaya.com. Table continues…
April 2018 Deploying Avaya Equinox Solution 21 Comments on this document? [email protected] Before you begin
No. Task Description Notes
8 If you are using a DMZ Contact your network For more information, deployment, consider specialist or see Port Security for the following: administrator if you Avaya Equinox require a DMZ Solution Reference • Ensure you have configuration. Guide on http:// configured the support.avaya.com required, servers, routers, and firewalls • Ensure the required port modifications are made.
April 2018 Deploying Avaya Equinox Solution 22 Comments on this document? [email protected] Chapter 3: Installing Avaya Common Servers with Avaya Appliance Virtualization Platform
Downloading documentation About this task Avaya Common Servers (CSR) are delivered with Appliance Virtualization Platform (AVP) hypervisor pre-installed. This license is also pre-installed and cannot be modified. Avaya Common Servers utilize OEM hardware from HP or Dell. Use this procedure to find and download documents on HP or Dell servers that you are using in your deployment. The documentation includes information on the servers and procedures for installing them in racks. Procedure 1. Open a browser and go to https://support.avaya.com/downloads. 2. Enter Common Servers in the Enter Your Product Here field, and select the server version from the Choose Release dropdown. 3. Download the documents that you need.
Initial AVP host configuration About this task Note: AVP is pre-installed on Avaya Common Servers with In-band Management (applications and host management are accessed through a single port). If you require Out of Band Management, enable this feature as explained in the guide for Migrating and Installing Avaya Aura® Appliance Virtualization Platform; you should not reinstall the AVP. Note: Ultra High capacity Common Servers include an additional license to enable AVP to use more than 32 vCPUs for a single OVA. This license is enabled automatically after the license agreement
April 2018 Deploying Avaya Equinox Solution 23 Comments on this document? [email protected] Installing Avaya Common Servers with Avaya Appliance Virtualization Platform
is accepted for the host during initial setup. For Ultra High servers, you must connect to the host via SSH using a client such as PuTTY in order to accept the agreement and fully enable the host. Note: It is mandatory to install Utility Services as the first Virtual Machine in an AVP environment (before Equinox Management and Equinox Media Server). It is sufficient to install this in Services Port Only mode. When installing Utility Services in an Equinox Conferencing OTT/standalone deployment, configure the WebLM, CM and SMGR IP addresses to 0.0.0.0 if those components are not present in the environment. Warning: You should not reinstall the AVP software on an Ultra High server due to the special license which is pre-deployed during assembly. If configuration changes are required, follow the documented process to achieve this. If the AVP software requires reinstallation, the server must be replaced via Avaya’s Return Material Authorization (RMA). Note: SSH is enabled by default until the EULA license is accepted. Once accepted, SSH is automatically disabled after 24 hours. You need to connect to the host using SSH and accept the EULA before deploying any applications on the host. Procedure 1. Connect a laptop to port 2 on the rear panel of the AVP host. Configure the laptop with the following: • IP address: 192.168.13.5 • Subnet mask: 255.255.255.248 2. Add host to the Solution Deployment Manager (SDM). 3. (Optional) Enable SSH on host via SDM (if more than 24 hours has elapsed since initial power on). 4. Start an SSH session, log in to 192.168.13.6. The username varies depending on the AVP version. For AVP release 7.0.1, it is root; for AVP release 7.1, it is admin.The temporary setup password is Avaya123$. Once you log in, you are prompted to change this immediately. (The system is not operational until the setup password has been changed.) 5. Read and accept EULA. 6. (Required for Ultra High servers only) Execute the enable_enhanced_AVP script by entering the following on the AVP command line: /vmfs/volumes/server-local- disk/enable_enhanced_AVP 7. (Required for Ultra High servers only) Read and accept EULA. 8. (Required for Ultra High servers only) The script states AVP enhanced mode successfully enabled when completed.
April 2018 Deploying Avaya Equinox Solution 24 Comments on this document? [email protected] Deploying the Solution Deployment Manager client
9. (Optional for Ultra High servers only) To confirm successful enablement of AVP enhanced mode, execute the following command on the AVP command line: vim-cmd vimsvc/ license --show | grep "VMware vSphere". You should see an output that states name: VMware vSphere 5 Standard.
Deploying the Solution Deployment Manager client About this task To manage the system and deploy OVAs, you need to install the Solution Deployment Manager (SDM) client on a PC. The SDM application requires a PC running 64–bit Windows 7 OS, Windows 8.1, or Windows 10 operating system. Before you begin Download the SDM user guide from https://downloads.avaya.com/css/P8/documents/101023857. The guide also explains how to access the AVP host for a fresh installation. The AVP host is shipped with default IP and login. Procedure 1. Download the SDM client application from the Avaya PLDS. The SDM version must match the AVP version (for example, 7.1 for both). 2. Install the SDM application. 3. In the SDM Client Dashboard, select the VM Management page. 4. In the Location Management page, create a location for your hosts’ cluster by selecting Location > New. a. Add a name for the location. b. Leave the optional fields empty. 5. In the Host Management page, enter the AVP host name, FQDN or IP, user name, and password. 6. Open the SDM client, and select the host for the OVA you want to install. This opens a page showing the host details. Select Next. 7. Add the OVA file you need to deploy: full pathname (for example, C:\Program Files\Avaya \AvayaSDMClient\Default_Artifacts\EquinoxMediaServer_8_5_0_23_5.ova) and select Submit. 8. Enter the virtual machine name and configure the network properties: default gateway, public IP address, public netmask. Select Deploy. 9. In the EULA acceptance page, select Accept.
April 2018 Deploying Avaya Equinox Solution 25 Comments on this document? [email protected] Chapter 4: Installing customer-provided servers
Prerequisites for OVA installation If you use your own servers, make sure to follow these recommendations: • ESXi must be VMware version 5.5, 6.0, or 6.5. • For optimized performance, load the ESXi package from the hardware vendor site if available (DELL and HP have them), instead of the VMware site. • For the media virtual machines, you need to enable hyper-threading on the host. • We do not recommend using vMotion (DRS or manual), as it may break active sessions. • Deploy OVAs via the VMware vSphere Client connected to vCenter or to a standalone host.
April 2018 Deploying Avaya Equinox Solution 26 Comments on this document? [email protected] Chapter 5: Before you begin software installation
Prerequisites for software installation Verify the following: • The deployment layout type has been chosen based on the capacity and scaling requirements. • The required number of IP addresses obtained. • Obtain the latest installation disks for Linux and software installation: • The target servers meet the following requirements: - All application servers have the same hardware type with the same disk, CPU, memory, and network interface configuration according to the appropriate deployment layout. - All servers meet the minimum hardware and configuration requirements for the Avaya Equinox Solution. - All servers are connected and installed into the target environment including cables and network connections. - All servers have the Motherboard BIOS and the disk controller BIOS settings configured to ensure installation of the server platform software. • The host environment meets the following: - Networking is in place to host the target servers and it is configured to route traffic between servers, firewalls, routers, switches, DMZ, and any other equipment in the host network, for example, management stations. - Up to two NTP clock sources available for the system to receive clocking information. - Up to three DNS servers available for the system to resolve addresses - A desktop computer or server (other than the one hosting the target server), that can execute ICMP ping requests - A Windows based PC with Internet Explorer 8.0 or 9.0, or Firefox 4.0 or later. - A desktop computer or server that is synchronized to the same external NTP clock sources used by the target servers.
April 2018 Deploying Avaya Equinox Solution 27 Comments on this document? [email protected] Before you begin software installation
NTP synchronization is particularly important for TE deployments. All elements in the Avaya Aura® deployment must be aligned, including Avaya Aura® Session Manager, Avaya Aura® System Manager, Avaya Aura® Device Services, and Avaya Multimedia Messaging. • Obtain any certificates that are to be used from either an Enterprise Certificate Authority or from some other well-known trusted Certificate Authority. • If you are installing Avaya Equinox for Team Engagement, the Avaya Aura® components must be installed and operational prior to installing the solution. • If you are installing Avaya Equinox for Over The Top with another SIP-based PBX, the PBX/SIP Entities must be installed and operational prior to installing the solution.
Latest software updates and patch information Before you start the deployment or upgrade of an Avaya product or solution, download the latest software updates or patches for the product or solution. For more information, see the latest release notes, Product Support Notices (PSN), and Product Correction Notices (PCN) for the product or solution on the Avaya Support Web site at https://support.avaya.com/. After deploying or upgrading a product or solution, use the instructions in the release notes, PSNs, or PCNs to install any required software updates or patches. For third-party products used with an Avaya product or solution, see the latest release notes for the third-party products to determine if you need to download and install any updates or patches.
Software installation checklist for SMB deployment The following table provides a high-level view of the tasks involved in installing the applications software. Use this checklist when you perform a fresh installation of applications software.
No. Task Description Notes
1 Ensure you have planned See Before You Begin your deployment layout. checklist on page 19. 2 Review the prerequisites See Prerequisites for software installation on page 27. 3 Ensure that you install the See the latest Avaya There are two types of latest patches. Equinox Solution patches, patches for the Equinox which are available on Solution: http://support.avaya.com. Table continues…
April 2018 Deploying Avaya Equinox Solution 28 Comments on this document? [email protected] Software installation checklist for SMB deployment
No. Task Description Notes
Operating System Patches Application patches Ensure that you have the latest of both types of patch. 4 Deploy the Equinox Installed modules include: For deployments with Management OVA and Management, SIP B2BUA, more than 2,000 activate the Equinox H.323 Gatekeeper, Equinox concurrent calls, install Management server. Conference Control, User the Avaya Equinox Web Portal + Web Gateway. The Gateway/Portal, H.323 Avaya Aura® User Portal Gatekeeper, and Equinox functionalities and Avaya Conference Control as Aura® Web Gateway separate OVAs and functionalities are available nodes. as an integrated part of the Equinox Management application. See the chapter explaining the installation and first configuration tasks. 5 Deploy Equinox Media Installed modules include: Server OVAs and activate MCU, WCS, AMS. See the these servers on Equinox chapter explaining the Management. installation and first configuration tasks. 6 Deploy other components, • Avaya Equinox Recording • Deploying the ASBCE such as Equinox Streaming Gateway is relevant for is mandatory when the and Recording Server, Equinox Streaming and Avaya Equinox® Meet- Avaya Equinox Recording Recording Server. It Me Client is part of the Gateway, Avaya Session facilitates recording of solution. Border Controller for audio-only and web • Deploy Equinox H.323 Enterprise (ASBCE), collaboration conferences Edge only in legacy Equinox H.323 Edge server or pure audio-only Avaya Scopia solution and add to Equinox conferences hosted on deployments. The H. Management. Equinox Media Server 323 protocol is used and Scopia Elite MCUs only in legacy Avaya into Equinox Streaming Scopia deployments. and Recording Server. For more information, see Release Notes for Avaya Equinox Recording Gateway on http:// support.avaya.com. Table continues…
April 2018 Deploying Avaya Equinox Solution 29 Comments on this document? [email protected] Before you begin software installation
No. Task Description Notes
• Equinox H.323 Edge server provides a complete firewall and NAT traversal solution for H.323 deployments, enabling secure connectivity between enterprise networks and remote sites. 7 Create and sign CSR and You can use the CA in apply Equinox Equinox Management to Management certificates. sign certificates for other components. Prior to 9.1, when you had to regenerate a new certificate for Equinox Management, you had to delete the current certificate first, then generate a CSR for the CA to sign. If it took time to get the new certificate, Equinox Management had to stop service during that period of time. From 9.1 on, the new CSR can be generated in advance. Thus, when the new certificate is ready, the administrator can replace it. Equinox Management prompts for client authentication and server authentication as the Extended Key Usage attributes when generating the CSR. As a result, the third-party CA can add these attributes to the certificate and mutual TLS is achieved successfully. 8 Create and sign CSR for each component such as Equinox Streaming and Recording Server, Avaya Equinox Recording Gateway, ASBCE, Equinox H.323 Edge server. Table continues…
April 2018 Deploying Avaya Equinox Solution 30 Comments on this document? [email protected] Software installation checklist for SMB deployment
No. Task Description Notes
9 Restart Equinox Management server. 10 Restart Equinox Media Server. 11 Sync Meeting types from Equinox Media Server to Equinox Management. Important:
Do not upload Equinox Media Server meeting types to Scopia® Elite 6000 MCU if this server is installed. 12 Configure the Meeting Policies in Equinox Management. 13 Configure Users and Virtual Rooms in Equinox Management. 14 Install clients and Soft clients might include: endpoints. Avaya Equinox® Meet-Me and Avaya Equinox® Meetings for Web (WebRTC). See the product’s user guide. 15 Configure the clients and See the product‘s endpoints in the administrator guide. management entities of the OTT solution. 16 Create calls. 17 Configure the products. See the product‘s administrator guide. 18 Backup your Equinox See the product’s Solution system after you administrator guide. install it. 19 If your deployment is a Return to step 1 in this redundant deployment, checklist. install the products on secondary servers.
April 2018 Deploying Avaya Equinox Solution 31 Comments on this document? [email protected] Before you begin software installation
Software installation procedures for medium to large deployments The following table provides a high-level view of the tasks involved in installing the applications software. Use this checklist when you perform a fresh installation of applications software.
No. Task Description Notes
1 Ensure you have See Before You Begin planned your checklist on page 19. deployment layout. 2 Review the See Prerequisites for prerequisites software installation on page 27. 3 Ensure that you install See the latest Avaya There are two the latest patches. Equinox Solution patches, types of patches for which are available on the Equinox http://support.avaya.com. Solution: Operating System Patches Application patches Ensure that you have the latest of both types of patch. 4 Deploy the Avaya Only for TE deployments. Aura® OVAs. 5 Deploy the Equinox In the OTT solution the • For OTT Management OVA installed modules include: deployments with and activate the Management, SIP B2BUA, more than 2,000 Equinox Management H.323 Gatekeeper, Equinox concurrent calls, server. Conference Control, User install the Avaya Portal + Web Gateway. The Equinox Web Avaya Aura® User Portal Gateway/Portal, and Avaya Aura® Web H.323 Gateway functionalities are Gatekeeper, and available as an integrated Equinox part of the Equinox Conference Management application. Control as separate OVAs If the OTT solution is used and nodes. in an Aura environment, the integrated Avaya Aura® For TE User Portal and Avaya deployments with Aura® Web Gateway more than 2,000 concurrent calls, Table continues…
April 2018 Deploying Avaya Equinox Solution 32 Comments on this document? [email protected] Software installation procedures for medium to large deployments
No. Task Description Notes
functionalities are provided install the Avaya in the Aura architecture. Aura® Web Gateway, Portal, See the OTT/TE chapter H.323 explaining the installation Gatekeeper, and and first configuration tasks Equinox for Equinox Management. Conference Control as separate OVAs and nodes. 6 Deploy Equinox Media Installed modules include: Server OVAs and MCU, WCS, AMS. See the activate these servers chapter explaining the on Equinox installation and first Management. configuration tasks. 7 Deploy other • Avaya Equinox Recording • Deploying the components, such as Gateway is relevant for ASBCE is Equinox Streaming Equinox Streaming and mandatory when and Recording Server, Recording Server. It the Avaya Avaya Equinox facilitates recording of Equinox® Meet- Recording Gateway, audio-only and web Me Client is part Avaya Session Border collaboration conferences of the solution. Controller for or pure audio-only • Deploy Equinox Enterprise (ASBCE), conferences hosted on H.323 Edge only Equinox H.323 Edge Equinox Media Servers in legacy Avaya server, and add to and Scopia Elite MCUs Scopia solution Equinox Management. into Equinox Streaming deployments. The and Recording Server. H.323 protocol is For more information, see used only in Release Notes for Avaya legacy Avaya Equinox Recording Scopia Gateway on http:// deployments. support.avaya.com. • Equinox H.323 Edge server provides a complete firewall and NAT traversal solution for H. 323 deployments, enabling secure connectivity between enterprise networks and remote sites. 8 Create and sign CSR You can use the CA in and apply Equinox Equinox Management to Management sign certificates for other certificates. components. Prior to 9.1, Table continues…
April 2018 Deploying Avaya Equinox Solution 33 Comments on this document? [email protected] Before you begin software installation
No. Task Description Notes
when you had to regenerate a new certificate for Equinox Management, you had to delete the current certificate first, then generate a CSR for the CA to sign. If it took time to get the new certificate, Equinox Management had to stop service during that period of time. From 9.1 on, the new CSR can be generated in advance. Thus, when the new certificate is ready, the administrator can replace it. Equinox Management prompts for client authentication and server authentication as the Extended Key Usage attributes when generating the CSR. As a result, the third-party CA can add these attributes to the certificate and mutual TLS is achieved successfully. 9 Create and sign CSR for each component . 10 Restart Equinox Management Server. 11 Restart Equinox Media Server. 12 Sync Meeting types from Equinox Media Server to Equinox Management.
Important:
Do not upload Equinox Media Server meeting types to Scopia® Elite 6000 MCUif this server is installed. Table continues…
April 2018 Deploying Avaya Equinox Solution 34 Comments on this document? [email protected] Software installation procedure for large deployments and for Service Providers
No. Task Description Notes
13 Configure the Meeting Policies in Equinox Management. 14 Configure Users and Virtual Rooms in Equinox Management. 15 Install clients and In the OTT solution, soft endpoints. clients might include: Avaya Equinox® Meet-Me and Avaya Equinox® Meetings for Web (WebRTC). In the TE solution, clients might include: Avaya Equinox®, Avaya H175 Video Collaboration Station, SDK customized clients, Avaya Vantage™. See the product’s administrator guide. 16 Configure the clients See the product‘s user and endpoints in the guide. management entities of the OTT/TE solution. 17 Create calls. 18 Configure the See the product‘s products. administrator guide. 19 Backup your Equinox See the product’s Solution system after administrator guide. you install it. 20 If your deployment is a Return to step 1 in this redundant checklist. deployment, install the products on secondary servers.
Software installation procedure for large deployments and for Service Providers The following table provides a high-level view of the tasks involved in installing the applications software. Use this checklist when you perform a fresh installation of applications software.
April 2018 Deploying Avaya Equinox Solution 35 Comments on this document? [email protected] Before you begin software installation
No. Task Description Notes
1 Ensure you have See Before You Begin planned your checklist on page 19. deployment layout. 2 Review the See Prerequisites for prerequisites software installation on page 27. 3 Ensure that you install See the latest Avaya There are two the latest patches. Equinox Solution patches, types of patches for which are available on Equinox Solution: http://support.avaya.com. Operating System Patches Application patches Ensure that you have the latest of both types of patch. 4 Deploy the Avaya Only for TE deployments. Aura® OVAs. 5 Deploy the Equinox In the OTT solution the • For OTT Management OVA installed modules include: deployments with and activate the Management, SIP B2BUA, more than 2,000 Equinox Management H.323 Gatekeeper, Equinox concurrent calls, server. Conference Control, User install the Avaya Portal + Web Gateway. The Equinox Web Avaya Aura® User Portal Gateway/Portal, and Avaya Aura® Web H.323 Gateway functionalities are Gatekeeper, and available as an integrated Equinox part of the Equinox Conference Management application. Control as separate OVAs If the OTT solution is used and nodes. in an Aura environment, the integrated Avaya Aura® For TE User Portal and Avaya deployments with Aura® Web Gateway more than 2,000 functionalities are provided concurrent calls, in the Aura architecture. install the Avaya Aura® Web See the OTT/TE chapter Gateway/Portal, explaining the installation H.323 and first configuration tasks Gatekeeper, and for Equinox Management. Equinox Conference Control as Table continues…
April 2018 Deploying Avaya Equinox Solution 36 Comments on this document? [email protected] Software installation procedure for large deployments and for Service Providers
No. Task Description Notes
separate OVAs and nodes. 6 Deploy Equinox Media Installed modules include: Server OVAs and MCU, WCS, AMS. See the activate these servers chapter explaining the on Equinox installation and first Management. configuration tasks. 7 Deploy other • Avaya Equinox Recording • Deploying the components, such as Gateway is relevant for ASBCE is Equinox Streaming Equinox Streaming and mandatory when and Recording Server, Recording Server. It the Avaya Avaya Equinox facilitates recording of Equinox® Meet- Recording Gateway, audio-only and web Me Client is part Avaya Session Border collaboration conferences of the solution. Controller for or pure audio-only • Deploy Equinox Enterprise (ASBCE), conferences hosted on H.323 Edge only Equinox H.323 Edge Equinox Media Servers in legacy Avaya server, and add to and Scopia Elite MCUs Scopia solution Equinox Management. into Equinox Streaming deployments. The and Recording Server. H.323 protocol is For more information, see used only in Release Notes for Avaya legacy Avaya Equinox Recording Scopia Gateway on http:// deployments. support.avaya.com. • Equinox H.323 Edge server provides a complete firewall and NAT traversal solution for H. 323 deployments, enabling secure connectivity between enterprise networks and remote sites. 8 Create and sign CSR You can use the CA in and apply Equinox Equinox Management to Management sign certificates for other certificates. components. Prior to 9.1, when you had to regenerate a new certificate for Equinox Management, you had to delete the current certificate first, then generate a CSR for the CA to sign. If it took time to get the new certificate, Equinox Table continues…
April 2018 Deploying Avaya Equinox Solution 37 Comments on this document? [email protected] Before you begin software installation
No. Task Description Notes
Management had to stop service during that period of time. From 9.1 on, the new CSR can be generated in advance. Thus, when the new certificate is ready, the administrator can replace it. Equinox Management prompts for client authentication and server authentication as the Extended Key Usage attributes when generating the CSR. As a result, the third-party CA can add these attributes to the certificate and mutual TLS is achieved successfully. 9 Create and sign CSR for each component. 10 Restart Equinox Management server. 11 Restart Equinox Media Server. 12 Sync Meeting types to Equinox Management. Important:
Do not upload Equinox Media Server meeting types to Scopia® Elite 6000 MCU if this server is installed. 13 Configure the Meeting Policies in Equinox Management. 14 Configure Users and Virtual Rooms in Equinox Management. 15 Install clients and In the OTT solution, soft endpoints. clients might include: Avaya Equinox® Meet-Me and Avaya Equinox® Meetings for Web (WebRTC). Table continues…
April 2018 Deploying Avaya Equinox Solution 38 Comments on this document? [email protected] Software installation procedure for adding servers
No. Task Description Notes
In the TE solution, soft clients might include: Avaya Equinox®, Avaya H175 Video Collaboration Station, SDK customized clients. See the product’s user guide. 16 Configure the clients See the product‘s user and endpoints in the guide. management entities of the OTT/TE solution. 17 Create calls. 18 Configure the See the product‘s products. administrator guide. 19 Backup your Equinox See the product’s Solution system after administrator guide. you install it. 20 If your deployment is a Return to step 1 in this redundant checklist. deployment, install the products on secondary servers.
Software installation procedure for adding servers The following table provides a high-level view of the tasks involved in installing the applications software. Use this checklist when you perform a fresh installation of applications software.
No. Task Description Notes
1 Install Avaya Aura® For TE deployments. OVAs on the See the chapter additional servers. explaining the installation and first configuration tasks. 2 Equinox Management See the chapter OVA on the additional explaining the server. installation and first configuration tasks. Table continues…
April 2018 Deploying Avaya Equinox Solution 39 Comments on this document? [email protected] Before you begin software installation
No. Task Description Notes
3 Install Equinox Media See the chapter Server OVAs on explaining the additional servers. installation and first configuration tasks. 4 Install other See the chapter components such as explaining the Equinox Streaming installation and first and Recording Server, configuration tasks. Avaya Session Border Controller for Enterprise, Equinox H. 323 Edge server, and add to Equinox Management.
April 2018 Deploying Avaya Equinox Solution 40 Comments on this document? [email protected] Chapter 6: Equinox Management Deployment for Over the Top (OTT) Solution
Deployment of Equinox Management for OTT solution — Overview Equinox Management is deployed virtually, without physical hardware, pre-installed common servers, or an .exe file. Equinox Management is delivered to the customer as an OVA file, which includes the pre-installed application on VMware vSphere virtual appliances, an Operating System (OS), and startup scripts necessary to perform initial product configuration. Equinox Management verifies the amount of virtual resources it requires to operate the virtual machine. Each virtual appliance is associated with part numbers, as described in Deploying the Equinox Management Server on page 47. Additionally, you can deploy Equinox Management on Amazon Web Services (AWS), a cloud platform provided by Amazon. Equinox Management Components Equinox Management includes the following configurable components: • Equinox Management • SIP B2BUA • H.323 Gatekeeper • Equinox Conference Control • User Portal + Web Gateway (optional) Note: - If you select High-Medium mode during OVA deployment, the User Portal + Web Gateway service is deployed on the management server with Status = Active. - If you select Avaya Aura® Power Suite (UC) License during OVA deployment, the User Portal + Web Gateway service is not deployed on the management server. The Equinox Management Server OVA activation key requires only a UUID, which is provided after deploying the OVA.
April 2018 Deploying Avaya Equinox Solution 41 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Virtualization Software The Equinox Management server supports the following virtualization software: • AVP 7.0 • VMware ESXi 5.5, 6.0, and 6.5 • VMware Workstation Pro 11 or later • VMware vCenter For details on technical requirements, see Equinox Management Technical Specifications on page 42.
Equinox Management Technical Specifications The Equinox Management server OVA supports two different working modes: • All-In-One: Includes all of the components working in one VM, for medium capacity deployment. • Distributed: For media or high capacity deployment, one management server works with one or multiple distributed management servers. For distributed deployment, one management server runs Equinox Management, while the distributed management server works either as an H.323 Gatekeeper, a UCCS, or as a User Portal + Web Gateway. Note: • Using low memory capacity in OVA configuration can cause the User Portal + Web Gateway to fail. • To support high capacity calls, the network must ensure that each subnet has enough bandwidth to support all required bandwidths for both media and signaling. The following table describes the hardware requirements for Equinox Management deployment, according to the available configuration types:
Table 1: Matching hardware server specifications with your product
Configurat Server CPU Serv VM VM RAM DISK Usage Capacity (Calls/ ion (processor er Minim CPU Reserv Reser Registered Users) Capacity x physical RAM um Reserv ation vation cores) (GB) vCPU ation (GB) s (MHz) Low 2.4 x 4 8 4 8000 6 200 Distributed H.323 – Management 2,000/10,000 Node server User Portal + Web User Portal + Gateway – Web Gateway 1,000/10,000 Table continues…
April 2018 Deploying Avaya Equinox Solution 42 Comments on this document? [email protected] Equinox Management Technical Specifications
Configurat Server CPU Serv VM VM RAM DISK Usage Capacity (Calls/ ion (processor er Minim CPU Reserv Reser Registered Users) Capacity x physical RAM um Reserv ation vation cores) (GB) vCPU ation (GB) s (MHz) or H.323 Gatekeeper Medium — 2.5 x 8 24 8 15000 16 200 Medium — Medium (All–In– High Scale All-In- One) – 2,000/30,000 One High — 15,000 Management Server (with Equinox Management & Web Gateway) — OTT High (with Equinox Management but without User Portal + Web Gateway, OTT/TE) Internal H.323 Gatekeeper capacity limited (see Important note below table)
Important: • When User Portal + Web Gateway resides with Equinox Management server, select the Medium-High VM model. • H.323 Gatekeeper is limited to 2,000 calls (10,000 registrations); to increase capacity, use distributed Management Node VMs. • User Portal + Web Gateway is limited to 3,000 calls. To increase capacity, use distributed Management Node VMs. • UCCS is limited to 2,000 calls. The following table describes the usability and capacities for the various VM models used in Equinox Management.
April 2018 Deploying Avaya Equinox Solution 43 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Table 2: Usability and Capacities for your product
VM Model Usability Required Set Usage By Capacity License Low Distributed Management Activating components 1,000 Web Gateway calls User Portal + Server through the Equinox 2,000 User Portal Web Gateway - License Management UI sessions Small Low H.323 Management Activating component 2,000 calls Gatekeeper Server through the Equinox 10,000 registrations License Management UI Medium-High All-in-one Management VM automatically becomes 2,000 total calls Medium Server all-in-one when User Portal (including 1,000 Web License + Web Gateway is activated. Gateway calls) (Equinox Capacity limitations are Management, 30,000 registered users enforced by Equinox B2B, H.323 Management. 2,000 User Portal Gatekeeper, sessions Equinox Conference Control, User Portal + Web Gateway) Medium-High High scale Management VM automatically becomes 15,000 total calls management Server HIGH when User Portal + 150,000 registered users License Web Gateway is inactive by (Equinox (400,000 unregistered administrator. Relevant for Management, users) TE and large OTT B2B, H.323 deployments. 2,000 H.323 Gatekeeper Gatekeeper, calls Equinox Conference Control) Medium-High Distributed Management VM automatically becomes 2,000 Web Gateway calls User Portal + Server User Portal + Web Gateway 4,000 portal sessions Web Gateway - License when receiving license Medium Medium-High Distributed Management VM automatically becomes 2,000 total calls UCCS Server UCCS when receiving License license
April 2018 Deploying Avaya Equinox Solution 44 Comments on this document? [email protected] Checklist for Deploying Equinox Management in an All-In-One Working Mode
Checklist for Deploying Equinox Management in an All-In- One Working Mode The following list of tasks enables you to configure Equinox Management in an all-in-one working mode. All-in-one deployment entails all components working in one VM, and is typically used for small or medium capacity deployment.
No. Task Link/Notes
1 Download software from the PLDS Downloading software from PLDS on page 46 2 Deploy the all-in-one Equinox Deploying the Equinox Management Management server Server on page 47 3 Log into the Equinox Management Logging Into Equinox Management on server page 61 4 Configure the Equinox Management Configuring the All-In-One Equinox server for the all-in-one working Management Server on page 68 mode Configuring Gatekeepers in Avaya Equinox Management on page 72 Configuring Deployment of User Portal + Web Gateway on page 75 5 Secure connections Securing Connections with Equinox Management on page 85 6 Update your license Updating a User License on page 103 7 Deploy and Configure the Equinox Deploying and Configuring the Equinox Management Environment Management Environment on page 108
Checklist for Deploying Equinox Management in a Distributed Working Mode The following list of tasks enables you to configure Equinox Management in a distributed working mode. Distributed deployment adds one or more management servers to your deployment, as follows: • The management server runs Equinox Management. • The distributed management server works as either the H.323 Gatekeeper or User Portal + Web Gateway. Distributed deployment is typically used for media or high-capacity deployment.
April 2018 Deploying Avaya Equinox Solution 45 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
No. Task Link/Notes
1 Download software from the PLDS Downloading software from PLDS on page 46 2 Deploy the Equinox Management Deploying the Equinox Management server Server on page 47 3 Log into the Equinox Management Logging Into Equinox Management on server page 61 4 Configure the Equinox Management Enable SIP B2BUA and/or Equinox server for distributed working mode Conference Control, per your deployment requirements (see the Administrator Guide for Avaya Equinox Management). 5 Add the H.323 Gatekeeper Configuring Gatekeepers in Equinox Management on page 72 6 Add the User Portal + Web Gateway Configuring Deployment of User Portal + Web Gateway on page 75 7 Add the UCCS Adding a UCCS Server in Equinox Management on page 82 8 Secure connections Securing Connections with Equinox Management on page 85 9 Configure User Portal + Web Configuring User Portal / Web Gateway Gateway settings Settings on page 98 10 Update your license Updating a User License on page 103 11 Deploy and Configure the Equinox Deploying and Configuring the Equinox Management Environment Management Environment on page 108
Downloading software from PLDS When you place an order for an Avaya PLDS-licensed software product, PLDS creates the license entitlements of the order and sends an email notification to you. The email includes a license activation code (LAC) and instructions for accessing and logging into PLDS. Use the LAC to locate and download the purchased license entitlements. In addition to PLDS, you can download the product software from http://support.avaya.com using the Downloads and Documents tab at the top of the page. Note: Only the latest service pack for each release is posted on the support site. Previous service packs are available only through PLDS.
April 2018 Deploying Avaya Equinox Solution 46 Comments on this document? [email protected] Deploying the Equinox Management Server
Procedure 1. Enter http://plds.avaya.com in your Web browser to access the Avaya PLDS website. 2. Enter your login ID and password. 3. On the PLDS home page, select Assets. 4. Click View Downloads. 5. Click on the search icon (magnifying glass) for Company Name. 6. In the %Name field, enter Avaya or the Partner company name. 7. Click Search Companies. 8. Locate the correct entry and click the Select link. 9. Enter the Download Pub ID. 10. Click Search Downloads. 11. Scroll down to the entry for the download file and click the Download link. 12. In the Download Manager box, click the appropriate download link. Note: The first link, Click to download your file now, uses the Download Manager to download the file. The Download Manager provides features to manage the download (stop, resume, auto checksum). The click here link uses your standard browser download and does not provide the download integrity features. 13. If you use Internet Explorer and get an error message, click the install ActiveX message at the top of the page and continue with the download. 14. Select a location where you want to save the file and click Save. 15. If you used the Download Manager, click Details to view the download progress.
Deploying the Equinox Management Server About this task The Avaya Equinox Management server OVA deployment includes the following configurable components: • Equinox Management • SIP B2BUA Server • H.323 Gatekeeper • Equinox Conference Control • Web Collaboration Server
April 2018 Deploying Avaya Equinox Solution 47 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
• User Portal + Web Gateway (optional) The virtual appliance is associated with the following part numbers: • Base part number: A part number which enables the customer to download the OVA itself. • Product activation license: Enables full product functionality. Different product activation keys are required for the various product features. Customers can purchase product activation licenses according to the needs of their system. Licensing is based on UUID. Before you begin Before deploying Equinox Management on an AVP server with VMware ESXi, ensure that you have the following: • Equinox Management OVA you downloaded from PLDS. • Virtualization Software: - AVP 7.0 - VMware ESXi 5.5, 6.0, and 6.5 - VMware vCenter - VMware Workstation Pro 11 or later • Hardware: See Table 1: Matching hardware server specifications with your product on page 42 Procedure 1. Copy the Equinox Management OVA files to your local machine. 2. Open the vSphere Client and enter the virtual host’s user name and password in the relevant fields.
April 2018 Deploying Avaya Equinox Solution 48 Comments on this document? [email protected] Deploying the Equinox Management Server
Figure 3: vSphere Client 3. Select Login. The vSphere client page opens, where you select File > Deploy OVF Template to upload the .ova file.
Figure 4: vSphere Client Page
April 2018 Deploying Avaya Equinox Solution 49 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
4. Select the local Equinox Management OVA file, and select Next to open the Deploy OVF Template wizard. The OVF Template Details page opens, displaying the product information.
Figure 5: OVF Template Details Page 5. Select Next. The End User License Agreement page opens.
6. Select Accept to accept the license agreement, and select Next. The Name and Location page opens. 7. Enter a name for the OVF template in the Name field, and select Next. The Deployment Configuration page opens.
April 2018 Deploying Avaya Equinox Solution 50 Comments on this document? [email protected] Deploying the Equinox Management Server
Figure 6: Deployment Configuration Page
For details on technical requirements per configuration type, see Equinox Management Technical Specifications on page 42. 8. In the Configuration field, select the relevant Equinox Management profile, based on your environment, and select Next. The Disk Format page opens.
April 2018 Deploying Avaya Equinox Solution 51 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 7: Disk Format Page 9. Select Thick Provision Lazy Zeroed and select Next. The Network Mapping page opens.
April 2018 Deploying Avaya Equinox Solution 52 Comments on this document? [email protected] Deploying the Equinox Management Server
Figure 8: Network Mapping Page
Note: Dual NIC and DHCP are not supported for Equinox Management. 10. Map the networks used in your OVF template to networks in your inventory, and select Next. The Ready to Complete page opens, displaying your deployment settings.
April 2018 Deploying Avaya Equinox Solution 53 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 9: Ready to Complete Page
Optionally, select the Power on after deployment check box to activate Equinox Management after completing deployment. 11. Verify that your settings are correct, and select Finish. The system deploys the OVA to the virtual host server.
Figure 10: Deploying the OVA
April 2018 Deploying Avaya Equinox Solution 54 Comments on this document? [email protected] Deploying the Equinox Management Server
The dialog box closes when deployment finishes, and the Virtual Machine Properties page opens, displaying the properties of the virtual machine.
Figure 11: Virtual Machine Properties Page 12. Ensure that at least 8 CPU cores and 16 GB of memory are allocated. We recommend allocating 16 CPU cores for enhanced performance. 13. Select OK to complete the deployment. 14. In the resulting window, right-click the OVA and select Open Console.
April 2018 Deploying Avaya Equinox Solution 55 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 12: vSphere Client — Open Console Option 15. Select the green arrow icon to start the virtual server. The Command Prompt window displays in the vSphere Client.
April 2018 Deploying Avaya Equinox Solution 56 Comments on this document? [email protected] Deploying the Equinox Management Server
Figure 13: Server Command Prompt Window 16. Enter N next to the Select prompt to configure network port values. A new Select prompt appears, with the options for configuring network port values.
April 2018 Deploying Avaya Equinox Solution 57 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 14: Configure Network Port Values Options 17. Enter 2 next to the Select prompt to change the network configuration. 18. On the resulting Command Prompt window, enter the IP address, subnet mask, and default router address.
April 2018 Deploying Avaya Equinox Solution 58 Comments on this document? [email protected] Deploying the Equinox Management Server
Figure 15: Changing Network Configuration
Press Enter. The parameters are saved and the Command Prompt window refreshes.
April 2018 Deploying Avaya Equinox Solution 59 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 16: Network Configuration Values 19. Enter 0 next to the Select prompt to return to the main menu.
April 2018 Deploying Avaya Equinox Solution 60 Comments on this document? [email protected] Logging into Equinox Management
Figure 17: Main Menu 20. Enter Q next to the Select prompt to exit the vSphere Client and restart the virtual server with the updated network configurations. The Equinox Management OVA deployment is complete. Before logging on, wait 2-3 minutes for the server to complete initialization. Next steps Log into Equinox Management, as described in Logging into Equinox Management on page 61.
Logging into Equinox Management About this task After completing the Equinox Management deployment, log into Equinox Management. Before you begin • Ensure that you have successfully completed deployment of Equinox Management (see Deploying the Equinox Management Server on page 47).
April 2018 Deploying Avaya Equinox Solution 61 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
• Ensure that you have set up the following components, with their respective IP addresses: - All-In-One server FQDN - NTP server Note: We recommend using the Linux NTP server, as the Windows NTP server may not work properly. - DNS server Procedure 1. Access the Equinox Management server. By default, the URL is http://
Figure 18: Equinox Management Install Wizard Page 3. To use a 30 day demo version of the software without entering an activation key: a. Select 30 days demo trial. The Install Wizard appears, where you select the Equinox Management model to use:
April 2018 Deploying Avaya Equinox Solution 62 Comments on this document? [email protected] Logging into Equinox Management
Figure 19: Equinox Management Install Wizard b. If you select either the Over the Top (OTT) or Team Engagement (TE) options, the second page of the wizard appears:
April 2018 Deploying Avaya Equinox Solution 63 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 20: Equinox Management Install Wizard — Second Page c. Select the Equinox Management version that you want to install, and select Next. The login page appears. d. Enter login credentials in the fields. The default credentials are: • Username: admin • Password: admin The Equinox Management dashboard appears.
April 2018 Deploying Avaya Equinox Solution 64 Comments on this document? [email protected] Logging into Equinox Management
Figure 21: Equinox Management Dashboard e. To view licensing information, select the Settings icon on the right side of the page and select License Information. The License Status field displays 30 days. 4. To use a regular licensed version of the software: a. Enter the activation key in the field provided on the Install Wizard page, and select Activate. The introduction page of the Equinox Management Installation Wizard opens.
April 2018 Deploying Avaya Equinox Solution 65 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 22: Equinox Management Installation Wizard — Introduction Page b. Select OK. The first page of the install wizard opens.
Figure 23: Equinox Management Installation Wizard — Page 1
April 2018 Deploying Avaya Equinox Solution 66 Comments on this document? [email protected] Logging into Equinox Management
c. Enter the server’s parameters in the FQDN, DNS, DNS Search, NTP Server, and Time Zone fields, and select Next. The second page of the wizard opens and displays your Equinox Management server UUID.
Figure 24: Equinox Management Installation Wizard — Page 2 d. Download a license activation key from PLDS (see Downloading software from PLDS on page 46). e. Enter the activation key in the field on the second page of the install wizard, and select Activate. Note: If the virtual machine is corrupted, an earlier license cannot be used to restore from a backup server since the UUID changes with each new virtual machine. Equinox Management automatically determines whether you are configuring an Over- the-Top (OTT) or a Team Engagement (TE) solution, based on the license key you use. f. Wait approximately 3–5 minutes for the system to activate, at which time you are logged into Equinox Management automatically.
April 2018 Deploying Avaya Equinox Solution 67 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 25: Equinox Management Entry Page (Dashboard) g. To view licensing information, select the Settings icon on the right side of the page and select License Information. The License Status field displays Permanent. Next steps Configure the all-in-one Equinox Management server, as described in Configuring the All-In-One Equinox Management Server on page 68.
Configuring the All-In-One Equinox Management Server About this task The Equinox Management OVA supports the following working modes: • All-in-one: Includes all of the components working in one VM, for medium capacity deployment. • Distributed: For media or high capacity deployment, one management server works with either one or multiple distributed management servers, as follows: - One management server runs Equinox Management - The distributed management server works as either the H.323 Gatekeeper, the UCCS, or the User Portal + Web Gateway Procedure 1. Navigate to Settings > System Preference > Local Services. 2. Verify that the status of the User Portal + Web Gateway module is Active.
April 2018 Deploying Avaya Equinox Solution 68 Comments on this document? [email protected] Configuring the All-In-One Equinox Management Server
Figure 26: Local Services Page — User Portal + Web Gateway
Note: If the User Portal + Web Gateway status is Not Installing, wait approximately five minutes for the status to change to Installing. The User Portal + Web Gateway installation takes approximately 15–20 minutes. Important: Do not restart the server during User Portal + Web Gateway installation; doing so will cause the installation to fail and require you to redeploy the OVA. 3. Navigate to the Configuration page (Settings > System Preference > Configuration) and verify that the FQDN, DNS, and NTP settings are correct.
April 2018 Deploying Avaya Equinox Solution 69 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 27: Configuration Page
Configuring the Distributed Equinox Management Server as an H.323 Gatekeeper About this task After deploying and configuring the Equinox Management server, you then deploy an additional management server OVA which serves as the distributed management server. You can distribute this server to an H.323 Gatekeeper. This step is optional. Note: • If you want to delete an H.323 Gatekeeper that has been deployed and then add the same H.323 Gatekeeper again, you must first delete the virtual machine before doing so. • You must specify the Time Zone on the Configuration page (Settings > System Preference > Configuration) before setting up a distributed management server. Before you begin Ensure that you have deployed the management server OVA, as described in Deploying the Equinox Management Server on page 47. Procedure 1. In Avaya Equinox Management, select Devices > Devices by Type > Management Servers. The Add Management Server page appears.
April 2018 Deploying Avaya Equinox Solution 70 Comments on this document? [email protected] Configuring the Distributed Equinox Management Server as an H.323 Gatekeeper
Figure 28: Add Management Server Page 2. Configure the Name, IP Address, FQDN, Model and Location of the server. Ensure that you select Node: H.323 Gatekeeper for the Model, and select OK. 3. Wait 1-2 minutes for initialization to complete, and then select the server and retrieve the server’s UUID from the Info tab.
Figure 29: Info Tab — Management Server UUID 4. Using the UUID, retrieve the license key from PLDS (http://plds.avaya.com). 5. On the Management Servers page (Devices > Devices by Type > Management Servers), select the Licensing tab and enter the distributed management server license key into the Update License Key field, and select the Apply button. Note: Updating the license may take between 30–60 seconds.
April 2018 Deploying Avaya Equinox Solution 71 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
After applying the license, the distributed H.323 Gatekeeper installs. This process may take up to 10 minutes to complete. 6. On the Management Server’s Info tab (Devices > Devices by Type > Management Servers, select a management server), verify that the server’s status is Online and that the version is correct to ensure that the distributed H.323 Gatekeeper deployment was successful.
Figure 30: Management Server — Status and Version Related links Configuring Gatekeepers in Avaya Equinox Management on page 72
Configuring Gatekeepers in Avaya Equinox Management Equinox Management is shipped with a built-in gatekeeper, the Avaya Equinox gatekeeper, which can be used to manage and route endpoint-initiated calls and point-to-point calls. Equinox Management can also work with the standalone Avaya Equinox H.323 Gatekeeper or third party gatekeepers when they are configured as neighbors to its internal gatekeeper. Available third- party gatekeepers include the Cisco IOS H.323 Gatekeeper and the Tandberg (Cisco) Video Communications Server (VCS). Only endpoints can be registered to a third-party gatekeeper. For details on deploying and configuring an external gatekeeper, see the Administrator Guide for Avaya Equinox Management. Related links Configuring the Distributed Equinox Management Server as an H.323 Gatekeeper on page 70 Defining the Gatekeeper’s Dial Plan in Avaya Equinox Management on page 72 Defining the Gatekeeper’s Dial Plan in Avaya Equinox Management About this task A dial plan is the set of call routing rules based on pre-defined number prefixes. The number prefixes are used to determine the location and/or the services a user needs.
April 2018 Deploying Avaya Equinox Solution 72 Comments on this document? [email protected] Configuring the Distributed Equinox Management Server as an H.323 Gatekeeper
An organization’s dial plan must be implemented in Avaya Equinox Management and also configured in any standalone gatekeepers to ensure that it is managed effectively. The most common example of a dial plan comes from the traditional telephony world, where locations are determined by the format of the phone number: • Numbers which do not begin with a zero are local calls. • Numbers starting with a single zero denote an inter-city call. • Numbers starting with a double-zero indicate an international call. Similarly, a gatekeeper can be configured to determine locations in an organization’s dial plan. For example, all numbers beginning with ‘5’ might be located in Europe, ‘6’ routes to the west coast of the US, ‘7’ to the east coast, and so on. In addition to locations, gatekeepers can also invoke services from a number format (dial plan). For example, a number beginning with ‘88’ might be chosen to access a person’s video virtual room. Procedure 1. Access the Equinox Management administrator portal. 2. In the Settings tab, navigate to System Preference > Local Services. The Local Services page opens.
Figure 31: Local Services Page 3. Select the H.323 Gatekeeper link. The gatekeeper's information page opens.
April 2018 Deploying Avaya Equinox Solution 73 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 32: H.323 Gatekeeper Information Page 4. Configure the fields on the page, as described in the following table:
Table 3: Configuring the H.323 Gatekeeper Settings
Section Name Field Name Description Basic Registration Select the mode by which endpoints can register with the H. Mode 323 Gatekeeper: • All: Any endpoint can register with the H.323 Gatekeeper. • None: No endpoint can register with the H.323 Gatekeeper. • Predefined: Only Equinox Management endpoints can register with the H.323 Gatekeeper. Strip Zone Select to remove the local zone prefix when calling the Local Prefix endpoint. Zone Prefix A number which the endpoint uses as a prefix before dialing another endpoint. TTL Enabled TTL Select to require the endpoint to re-register with the H.323 Gatekeeper when the endpoint’s Time-To-Live (TTL) setting expires. Multiple TTL Increases the length of time that the H.323 Gatekeeper waits by for TTL expiration before an endpoint is unregistered. Enter an integer between 1–100 to indicate the factor by which you want to multiply the endpoint’s TTL value. Default value = 2 Table continues…
April 2018 Deploying Avaya Equinox Solution 74 Comments on this document? [email protected] Configuring Deployment of User Portal + Web Gateway
Section Name Field Name Description The length of time that the H.323 Gatekeeper waits for TTL expiration before unregistering the endpoint is determined as follows: (endpoint TTL) * (value entered in Multiple TTL by field) + 20 seconds Note: If you modify either the Enabled TTL check box or the Multiple TTL by field after an endpoint has registered to the H.323 Gatekeeper, the H.323 Gatekeeper implements the new values only after the endpoint re-registers. Max TTL The maximum amount of time (in seconds) that the H.323 interval Gatekeeper can wait for TTL expiration before unregistering the endpoint. Default value = 3600 Registered Displays the list of endpoints that are registered to the H.323 Endpoints Gatekeeper. Route IP Calls Route IP Calls Select to route IP calls to the Equinox H.323 Edge server. to Equinox H. When selecting this check box, select the Add button and 323 enter the IP Address and Port through which you want to route EdgeServer calls. Neighbors Prefix The prefix of the neighboring H.323 Gatekeeper. IP Address The IP address of the neighboring H.323 Gatekeeper. Port The port of the neighboring H.323 Gatekeeper. Description A description of the neighboring H.323 Gatekeeper. Security Enable Select to allow only a password-specified endpoint to register Password Security (H. with the H.323 Gatekeeper. 235) When this check box is cleared, any endpoint can register with the H.323 Gatekeeper. 5. Select Apply to save your changes. Related links Configuring Gatekeepers in Avaya Equinox Management on page 72
Configuring Deployment of User Portal + Web Gateway About this task You can deploy a single distributed User Portal + Web Gateway in your environment. Once you deploy more than one User Portal + Web Gateway, they are formed as a cluster.
April 2018 Deploying Avaya Equinox Solution 75 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
During cluster deployment of User Portal + Web Gateway, you configure multiple User Portal + Web Gateway servers in your environment. The servers work together to ensure that client requests are balanced between the servers, so that no single server is overloaded with requests. Cluster deployment of User Portal + Web Gateway consists of a seed node (the first node you deploy, which is the master User Portal + Web Gateway) and non-seed nodes (subsequent nodes you deploy, which are subservient to the seed node). The procedure for deploying seed nodes and non-seed nodes is identical. To deploy User Portal + Web Gateway, follow this procedure. Before you begin Specify the NTP Server on the Configuration page (Settings > System Preference > Configuration) before setting up a distributed management server. Procedure 1. Access the Avaya Equinox Management Administrator portal. 2. Select Settings > System Preference > Local Services. The Local Services page appears.
Figure 33: Local Services Page 3. Turn off the User Portal + Web Gateway service (if its status is Active). 4. Select Settings > Devices > User Portal/Web Gateway. The User Portal/Web Gateway page appears. 5. Expand the Portal Setting section, and configure the Frontend FQDN for both the client connection and management connection.
April 2018 Deploying Avaya Equinox Solution 76 Comments on this document? [email protected] Configuring Deployment of User Portal + Web Gateway
Figure 34: User Portal/Web Gateway Setting Page — Portal Setting Section 6. Select Devices > Devices by Type > User Portals and select Add. The Add User Portal page appears.
Figure 35: Add User Portal Page 7. Configure the fields on the page, as described in the following table:
Table 4: Add User Portal Fields
Field Description Name The name of the user portal. IP Address The IP Address of the user portal. Location Select the location of the user portal. Table continues…
April 2018 Deploying Avaya Equinox Solution 77 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Field Description FQDN Enter an FQDN for the user portal. When the Aura User Portal option is selected, this field does not appear. 8. Select the type of portal you are configuring, either Equinox User Portal (Node) or Aura User Portal. 9. Select OK. The configured user portal appears on the User Portals page. 10. Select the user portal to view detailed information, and select the Configuration tab.
Figure 36: Configuration Tab
Configure the fields on the page, as described in the following table:
Table 5: Configuring your user portal
Section Field Name Description Basic Name You can modify the name used to identify the Settings user portal. This is the name displayed in the list of user portals. Location This is relevant only for service providers or deployments with multiple locations. You can modify the user portal’s location. Service FQDN Enter the fully qualified domain name (FQDN) of the service. Secure connection Select to secure access to the user portal web interface. You can do this only if you installed certificates for the media server, either from Equinox Table continues…
April 2018 Deploying Avaya Equinox Solution 78 Comments on this document? [email protected] Creating a Distributed or Cluster User Portal + Web Gateway
Section Field Name Description Management or from the media server interface (see Administrator Guide for the Scopia Elite MCU). NTP NTP Server The IP Address of the NTP server Settings Time Zone The time zone in which the NTP server is located Network DNS Server 1 The IP Address of the DNS server Settings DNS Server 2 The IP Address of the backup DNS server, in the event that DNS Server 1 is not available DNS Search List Enter the short name of the DNS server when the media server searches other sites; The system searches the DNS search list for the suffix. IP Address The IP Address of the user portal Note: When the device is online, you can change its IP address in this field. Subnet Mask The subnet mask of the user portal Default Gateway The default gateway of the user portal Local FQDN The fully qualified domain name (FQDN) of the local user portal 11. Select Apply.
Creating a Distributed or Cluster User Portal + Web Gateway About this task This procedure explains how to disable the local User Portal + Web Gateway in Equinox Management and deploy either a single distributed node with more capacity, or a cluster of distributed nodes. The local User Portal + Web Gateway must be turned off when creating distributed nodes. After deploying the initial node, subsequent nodes are added to each cluster only after the previously added node is active. Equinox Management automatically connects to the deployed nodes and installs the User Portal + Web Gateway with the required properties to form a cluster. Additionally, Equinox Management passes the service Frontend FQDN to each cluster node. Each cluster node then looks up the associated IP to configure the required virtual IP. Before you begin • Ensure that you have deployed an Equinox Management application server.
April 2018 Deploying Avaya Equinox Solution 79 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
• Ensure that the FQDNs (AAWG Front-end FQDN, node local FQDNs) and IPs are defined on your network in DNS. The front-end FQDN must be bound to a virtual IP address. Node local FQDNs are bound to node physical IPs. Procedure 1. Access the Equinox Management Administrator portal. 2. Select Settings > System Preference > Local Services. The Local Services page appears.
Figure 37: Local Services Page
Ensure that the User Portal + Web Gateway service is disabled. Note: Do not turn off a service while it is installing, as this can cause performance issues. Wait until the installation completes. 3. Deploy an application server OVA to create the AAWG initial (seed) node. The cluster node is a utility node and not a management node; therefore, do not log in and activate or license the cluster node server. 4. Select Settings > Devices > User Portal/Web Gateway. The User Portal/Web Gateway Setting page appears.
April 2018 Deploying Avaya Equinox Solution 80 Comments on this document? [email protected] Creating a Distributed or Cluster User Portal + Web Gateway
Figure 38: User Portal/Web Gateway Setting Page 5. In the Frontend FQDN field, enter the service FQDN. 6. Select Devices > Devices by Type > User Portals, and select Add. The Add User Portal page appears.
Figure 39: Add User Portal Page 7. Configure the fields on the page, as described in the following table:
Table 6: Add User Portal Fields
Field Description Name The name of the user portal. IP Address The IP Address of the user portal. Location Select the location of the user portal. FQDN Enter the local FQDN for the user portal. When the Aura User Portal option is selected, this field does not appear.
• In OTT deployment, select Equinox User Portal (Node). • In TE deployment, select Aura User Portal.
April 2018 Deploying Avaya Equinox Solution 81 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
8. Select OK. 9. Wait for the User Portal to connect. The node is connected when its status is Online with alarms, and on the Alarms tab, the Device is restarting alarm is cleared and the license alarm, There is no license for the device alarm appears. 10. On the Info tab, copy the UUID. 11. Using the UUID, apply a license from the PLDS. 12. Copy and paste the license key in the relevant field in the License tab. 13. Select Apply and then select OK. The system installs the User Portal + Web Gateway. Installation takes under 10 minutes. When installation completes, the you must apply a new certificate to the node, as the self- signed certificate will not work properly. Ensure that the new certificate’s Subject Alternative Name (SAN) field includes both the front-end FQDN and the node’s local FQDN. For information on applying or replacing the current certificate, see Applying a Third-Party Certificate to the Distributed Equinox Management Server on page 90. Note: • If you continually receive a message of an invalid license key after installing, exiting and re-entering Equinox Management may fix the license key’s status. • After a new certificate is applied, restart the system when the certificate’s status is green and no alarms appear in the Alarms tab. 14. Repeat this procedure to add additional nodes, as necessary.
Adding a UCCS Server in Equinox Management About this task You configure UCCS servers in Equinox Management to enable load balancing. UCCS server is also referred to as Equinox Conference Control. Procedure 1. Access the Equinox Management administrator portal. 2. Select Devices > Devices by Type > UCCS Servers. The UCCSs page appears. 3. Select Add. The Add UCCS page appears.
April 2018 Deploying Avaya Equinox Solution 82 Comments on this document? [email protected] Adding a UCCS Server in Equinox Management
Figure 40: Add UCCS page 4. Enter a Name, IP Address, and FQDN for the UCCS, and select a Location and select OK. The device appears on the UCCSs page. 5. Select the device and then select the Configuration tab. The UCCS Configuration tab page appears.
6. Configure the displayed fields, as described in the following table:
April 2018 Deploying Avaya Equinox Solution 83 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Table 7: Configuring your UCCS server
Section Field Name Description Basic Name You can modify the name used to identify the Settings UCCS server. This is the name displayed in the list of UCCS servers. Location This is relevant only for service providers or deployments with multiple locations. You can modify the UCCS server’s location. Service FQDN Enter the fully qualified domain name (FQDN) of the service. Secure connection Select to secure access to the UCCS server web interface. You can do this only if you installed certificates for the media server, either from Equinox Management or from the media server interface (see Administrator Guide for the Scopia Elite MCU). NTP NTP Server The IP Address of the NTP server. Settings Time Zone The time zone in which the NTP server is located. Network DNS Server 1 The IP Address of the DNS server. Settings DNS Server 2 The IP Address of the backup DNS server, in the event that DNS Server 1 is not available. DNS Search List Enter the short name of the DNS server when the media server searches other sites; The system searches the DNS search list for the suffix. IP Address The IP Address of the UCCS server. Note: When the device is online, you can change its IP address in this field. Subnet Mask The subnet mask of the UCCS server. Default Gateway The default gateway of the UCCS server. Local FQDN The fully qualified domain name (FQDN) of the local UCCS server. 7. Select Apply.
April 2018 Deploying Avaya Equinox Solution 84 Comments on this document? [email protected] Securing Connections With Equinox Management
Securing Connections With Equinox Management This section describes the procedures that invoke certificates when working with Equinox Management. By default, Equinox Management applies a self-signed certificate for itself, other media servers, and application servers. For enhanced security, you can choose to replace the self-signed certificate with a third-party certificate. The required procedure for installing a third-party certificate is determined by the type of environment in which you are working, either all-in-one or distributed. When deploying Avaya Equinox in a Team Engagement (TE) environment, a single CA must be used for all components. When Avaya Equinox interacts with Avaya Aura, the Aura deployment certificates must use the same CA used by Avaya Equinox. Related links Applying a Third-Party Certificate to the All-in-One Equinox Management Server on page 85 Applying a Third-Party Certificate to the Distributed Equinox Management Server on page 90 Installing the CA Certificate for Avaya Equinox Meetings for Web on page 93
Applying a Third-Party Certificate to the All-in-One Equinox Management Server About this task You must generate a signed certificate to ensure a secure connection between Equinox Management and other components of your deployment. The Equinox Management server currently supports a bulit-in, self-generated certificate. For added security when setting the management server to work in TLS mode, it is recommended that you delete the existing certificate and upload a third-party certificate. Before you begin Ensure that you have successfully configured the all-in-one management server, as described in Configuring the All-In-One Equinox Management Server on page 68. Procedure 1. Access the Equinox Management administrator portal. 2. Select Settings > Security > Certificates. The Certificates page opens.
April 2018 Deploying Avaya Equinox Solution 85 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 41: Certificates Page 3. Select the New CSR button to create a new CSR. The Generate CSR dialog box opens.
Figure 42: Generate CSR Dialog Box
April 2018 Deploying Avaya Equinox Solution 86 Comments on this document? [email protected] Securing Connections With Equinox Management
Note: Ensure that the Common Name value is the Server FQDN or Public FQDN, and that the FQDN can be resolved on your DNS. 4. Enter your organization's details as described below:
Field Description Common Name Enter the Equinox Management FQDN, for example, rvcn-sm.company.com. For a redundancy deployment, the common name must be the public virtual FQDN. Subject Alternative Name Enter an FQDN or IP address as the subject alternative name for the CSR. If this field is left blank, the value of the Common Name field is used. Multiple SAN entries must be separated by a comma. Organization The name of the organization. Organization Unit The unit to which the organization belongs. City The city in which the organization is located. State The state in which the organization is located. Country code Enter the standard country code that consists of two characters, for example uk for United Kingdom or jp for Japan. This field is not case sensitive. Encryption Strategy Select the code for your organization's encryption strategy. Signature Algorithm Select the algorithm to use when generating the signature on the certificate. This algorithm is a combination of the private keys of both the CA and the device. 5. Select Generate CSR. A green check mark appears next to Step 1, and the Save button is enabled.
Figure 43: Certificates Page — Generated Certificate Indicator
April 2018 Deploying Avaya Equinox Solution 87 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
6. Select Save to save the CSR. A green check mark appears next to Step 2, and the Upload button is enabled. 7. Send the CSR to the Certificate Authority (CA) for signing. Do not proceed to the next step until you receive the signed certificate back from the CA. 8. Select Upload. A confirmation dialog box opens; select Yes to upload the certificate and overwrite the old one. 9. Select Apply All to apply the certificate. A dialog box appears, prompting you to restart the server.
Figure 44: Restart Dialog Box 10. Select Yes. The server restarts after 3–5 minutes. 11. Navigate to Settings > System Preference > Local Services. On the Local Services page, verify that the User Portal + Web Gateway status is Active.
Figure 45: Local Services Page — User Portal + Web Gateway Status Related links Securing Connections With Equinox Management on page 85 Configuring Equinox Management as a Certificate Authority on page 89
April 2018 Deploying Avaya Equinox Solution 88 Comments on this document? [email protected] Securing Connections With Equinox Management
Configuring Equinox Management as a Certificate Authority About this task Equinox Management can serve as a certificate authority to approve a certificate signing request (CSR). Procedure 1. Access the Equinox Management administrator portal. 2. Select Settings > Security > Certificates. The Certificates page appears.
Figure 46: Certificates Page 3. Select the arrow next to Certificate Authority to expand the section.
Figure 47: Certificate Authority Section 4. Paste the CSR into the text box, and select OK to download the certificate. Related links Applying a Third-Party Certificate to the All-in-One Equinox Management Server on page 85
April 2018 Deploying Avaya Equinox Solution 89 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Applying a Third-Party Certificate to the Distributed Equinox Management Server About this task For added security when setting the management server to work in TLS mode, it is recommended that you delete the existing certificate and upload a third-party certificate. Note: This step is optional. Before you begin Ensure that you have set up the distributed Equinox Management server, as described in Configuring the Distributed Equinox Management Server as an H.323 Gatekeeper on page 70. Procedure 1. Navigate to Settings > Security > Certificates. The Certificates page appears.
Figure 48: Certificates Page 2. Select Delete and then select Yes in the confirmation dialog box to delete the existing Equinox Management certificate. The Certificates page refreshes.
April 2018 Deploying Avaya Equinox Solution 90 Comments on this document? [email protected] Securing Connections With Equinox Management
Figure 49: Certificates Page 3. Select the Create button to create a Certificate Signing Request (CSR) for the management server. The Generate CSR dialog box opens.
Figure 50: Generate CSR Dialog Box 4. Configure the relevant fields to create a CSR. Ensure that the Common Name field value is the server FQDN, resolvable on your DNS. When using redundancy mode, use the public FQDN instead of the server FQDN. Select Generate CSR.
April 2018 Deploying Avaya Equinox Solution 91 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
5. On the Certificates page, select Save to save the generated CSR. 6. Send the CSR to the Certificate Authority (CA) for signing. Do not proceed to the next step until you receive the signed certificate back from the CA. 7. Select Upload to upload the certificate to Equinox Management. Ensure that you upload both the CA root certificate (Root.cer) and the all-in-one certificate (allinone.cer).
Figure 51: Upload Certificates Dialog Box 8. Select Upload. 9. Select Apply All to apply the certificate. The resulting dialog box prompts you to restart your machine.
Figure 52: Restart Dialog Box 10. Select Yes. The server restarts after 3–5 minutes. 11. Navigate to Settings > System Preference > Local Services. On the Local Services page, verify that the User Portal + Web Gateway status is Active.
April 2018 Deploying Avaya Equinox Solution 92 Comments on this document? [email protected] Securing Connections With Equinox Management
Figure 53: Local Services Page — User Portal + Web Gateway Status Related links Securing Connections With Equinox Management on page 85
Installing the CA Certificate for Avaya Equinox Meetings for Web About this task This task describes the procedure for configurations that must be done on the user’s local PC during virtual deployment of Equinox Management. If you used the Avaya System Manager to sign the certificate created during configuration of the all-in-one Equinox Management server deployment (see Applying a Third-Party Certificate to the All-in-One Equinox Management Server on page 85) or if you used the internally signed certificate, you must install the root certificate on your client PC as a trusted root CA. Before you begin • Ensure that you have successfully deployed the Equinox Management server (Deployment of Equinox Management for OTT solution — Overview on page 41), and that you have configured the all-in-one management server for the new portal (Configuring the All-In-One Equinox Management Server on page 68). • Ensure that your client PC can resolve the all-in-one management server FQDN. Procedure 1. Access the Equinox Management administrator portal. 2. Navigate to Settings > Security > Certificates. The Certificates page opens.
April 2018 Deploying Avaya Equinox Solution 93 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 54: Certificates Page 3. Select the Equinox Management Certificate link, and select Open. The Certificate page appears.
Figure 55: Certificate Page 4. Select the Install Certificate button. The Certificate Import Wizard opens.
April 2018 Deploying Avaya Equinox Solution 94 Comments on this document? [email protected] Securing Connections With Equinox Management
Figure 56: Certificate Import Wizard — Page 1 5. Select Local Machine and then select Next. The second page of the wizard opens.
April 2018 Deploying Avaya Equinox Solution 95 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 57: Certificate Import Wizard — Page 2 6. Select Place all certificates in the following store and then select Browse to browse for a certificate store. Select Trusted Root Certification Authorities. 7. Select Next. The Completing the Certificate Import Wizard page opens.
April 2018 Deploying Avaya Equinox Solution 96 Comments on this document? [email protected] Securing Connections With Equinox Management
Figure 58: Completing the Certificate Import Wizard Page 8. Verify that your information is correct, and select Finish. 9. Open a Chrome browser window and accept the certificates located at the following links: • https://
Warning: If either of these URLs generates a warning message that your connection is not private, proceeding to the URL destination would likely lead to a security breach. 10. Access the local Unified Portal URL (https://
April 2018 Deploying Avaya Equinox Solution 97 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Customize icon and select Settings > Advanced Settings > Reset Settings, and select Reset in the Reset Settings dialog box).
Figure 59: Reset Settings Dialog Box 12. Restart the management server OVA, all media servers, and the gateway OVA. Related links Securing Connections With Equinox Management on page 85
Configuring User Portal / Web Gateway Settings About this task After generating a signed certificate, you configure User Portal / Web Gateway settings to complete the Equinox Management deployment. You can choose to accept the default settings, or customize your settings, as needed. However, you must verify that the Front End FQDN setting in the Client Connection section is the value specified during OVA deployment. Before you begin Ensure that you have successfully created a signed certificate, as described in Applying a Third- Party Certificate to the All-in-One Equinox Management Server on page 85. Procedure 1. Access the Equinox Management administrator portal. 2. Navigate to Settings > Devices > User Portal / Web Gateway. The User Portal / Web Gateway Setting page opens. 3. Configure the fields on the page, as described in the following table:
April 2018 Deploying Avaya Equinox Solution 98 Comments on this document? [email protected] Configuring User Portal / Web Gateway Settings
Table 8: User Portal / Web Gateway Setting Fields
Section Field Description General Allow recording guest access Select to enable guest users to record a conference. Allow portal guest access Select to enable Unified Portal users to access Equinox Management as a guest. Allow csa guest access Select to enable a csa user to access Equinox Management as a guest. Enable uploading picture Select to enable users to upload their picture into the system. Enable SSO Select to enable automatic login to the Unified Portal after logging into Equinox Management. Client Ranking Select the order in which Equinox Clients are chosen to host a meeting. Equinox Management Web Access URL Enter the URL to access Equinox Management on the web. IWA enabled Select to enable Integrated Windows Authentication (IWA) in your browser. When selecting this field, you must enter values for the following sub fields: • DNS Domain • KDC FQDN • KDC Port • Kerberos Realm • SPN • Key Tab File Avaya Equinox Use Microsoft Exchange Web Services Select to enable Equinox Client to Client (EWS) connect with the EWS. SSO with Equinox Client Select to enable automatic login to EWS when logging into Equinox Client. Exchange Server Address Enter the address of the exchange server. Exchange Server Domain Enter the domain of the exchange server. Upload the Installer Select this button to select an installer file to upload. The Add Installer dialog box appears, where you select the operating system, the name you wish to save the file as, the version, and (optionally) a description. Table continues…
April 2018 Deploying Avaya Equinox Solution 99 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Section Field Description
Figure 60: Add Installer Dialog Box Portal Setting Client Connection Frontend Scheme Select https Client Connection Frontend FQDN Verify that the value is the same as that specified during OVA deployment. Client Connection Frontend Port Enter 8443 Client Connection Frontend UPC Base Enter the path for the Unified Portal, URL typically /portal Client Connection Frontend UPS Base Enter the path for the Unified Portal URL server, typically /ups Client Connection Frontend SWC Base Enter the path for the WebRTC client, URL typically /uwd/dist Client Connection Web Gateway Base Enter the path for the Web Gateway, URL typically /csa Management Connection Frontend Select https Scheme Management Connection Frontend FQDN Enter the FQDN of the Web Gateway. Management Connection Frontend Port Enter 8445 (or 8446 for cores). Management Connection API Base URL Enter /csaconfig/resources/settings Web Gateway Video Bandwidth (Kbps) Enter 1280; the bandwidth value Setting specified represents the maximum allowed by the Avaya Aura® Web Gateway. To disable video, enter 0. Web Gateway WebRTC Audio Codec The order in which we want to use the Order indicated audio codecs offered to WebRTC clients. Web Gateway SIP Audio Codec Order The order in which we want to use the indicated audio codecs offered to SIP clients. Web Gateway WebRTC Video Codec The order in which we want to use the Order indicated video codecs offered to WebRTC clients. Table continues…
April 2018 Deploying Avaya Equinox Solution 100 Comments on this document? [email protected] Configuring User Portal / Web Gateway Settings
Section Field Description Web Gateway SIP Video Codec Order The order in which we want to use the indicated video codecs offered to SIP clients. Web Gateway SRTP Policy The SIP and SRTP security policy for sessions. • Select Best effort to attempt to establish secure SIP and SRTP connections. If the SIP endpoint does not support secure connections, unsecured connections are used. • Select Enforced to ensure that sessions establish only secure SIP and SRTP connections. If the SIP endpoint does not support secure connections, the session is not established. Web Gateway Opus Profile Select from the following options to define the audio bandwidth: • Constrained narrow band • Narrow band • Wide band Media Encryption Settings Select the ciphers that you want to support for media encryption. Advanced Settings Period to check for client updates (days) Enter the interval (in days) upon which the system checks for client updates. RTP Port Range Enter the range of RTP ports. The default value is 5004–5203. BFCP UDP Port Range Enter the range of BFCP UDP ports. The default value is 5204–5224. Note: To enable working with BFPC, you must disable the ENABLE_MSS_VIDEO setting in Avaya Aura® Device Services. For details, see Administering Avaya Aura® Device Services. 4. Configure settings on the Advanced tab, as described in the following table:
April 2018 Deploying Avaya Equinox Solution 101 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Table 9: Advanced Tab Fields
Section Field Description User Portal Allow recording guest access Select to enable guest users to record a conference. Allow portal guest access Select to enable Unified Portal users to access Equinox Management as a guest. Enable uploading picture Select to enable users to upload their picture into the system. Frontend UPC Base URL The path for the Unified Portal, typically / portal Frontend UPS Base URL The path for the Unified Portal server, typically /ups Frontend SWC Base URL The path for the WebRTC client, typically /uwd/dist Frontend Web Gateway Base URL The path for the Web Gateway, typically /csa IWA enabled Select to enable Integrated Windows Authentication (IWA) in your browser. When selecting this field, you must enter values for the following sub fields: • DNS Domain • KDC FQDN • KDC Port • Kerberos Realm • SPN • Key Tab File Web MeetMe Data Only Browser Version Browsers that do not support the Web Exclusion MeetMe Data Only client Web MeetMe WebRTC Browser Version Browsers that do not support Web Exclusion MeetMe RTC Web MeetMe WebRTC Browser Min The minimum browser version needed to Version support the Web MeetMe WebRTC Web MeetMe Data Only Browser Min The minimum browser version needed to Version support the Web MeetMe Data Only client Avaya Equinox Client MeetMe Min The minimum browser version needed to Version support Avaya Equinox Client MeetMe Avaya Equinox Client Aura Min Version The minimum browser version needed to support Avaya Equinox Client Aura Table continues…
April 2018 Deploying Avaya Equinox Solution 102 Comments on this document? [email protected] Updating a User License
Section Field Description Web Gateway Web Gateway WebRTC Audio Codec The order in which we want to use the Order indicated audio codecs offered to WebRTC clients. Web Gateway SIP Audio Codec Order The order in which we want to use the indicated audio codecs offered to SIP clients. Web Gateway WebRTC Video Codec The order in which we want to use the Order indicated video codecs offered to WebRTC clients. Web Gateway SIP Video Codec Order The order in which we want to use the indicated video codecs offered to SIP clients. Web Gateway SRTP Policy The SIP and SRTP security policy for sessions. • Select Best effort to attempt to establish secure SIP and SRTP connections. If the SIP endpoint does not support secure connections, unsecured connections are used. • Select Enforced to ensure that sessions establish only secure SIP and SRTP connections. If the SIP endpoint does not support secure connections, the session is not established. Web Gateway Opus Profile Select from the following options to define the audio bandwidth: • Constrained narrow band • Narrow band • Wide band Media Encryption Settings Select the ciphers that you want to support for media encryption. 5. Manually restart the all-in-one Equinox Management server: a. On the upper-right side of the page, select > Restart. b. Select Yes in the confirmation dialog box.
Updating a User License About this task This task describes how to update user license information.
April 2018 Deploying Avaya Equinox Solution 103 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Procedure 1. In Avaya Equinox Management, select > Licensing. The License Information page appears.
Figure 61: License Information Page
An explanation of the fields on this page appears in Table 10: License Information Page on page 104.
Table 10: License Information Page
Field Name Description Edition The license edition. License Status When value = Permanent, indicates that the activation key input is correct. When value = Temporary, the license is valid only for 30 days. Encryption Indicates whether the license is encrypted (true) or non-encrypted (false). UUID Together with the MAC Address, used to generate the user based license. MAC Address Together with the UUID, used to generate the user based license. Table continues…
April 2018 Deploying Avaya Equinox Solution 104 Comments on this document? [email protected] Switching Equinox Management from Port Based to User Based Licensing
Field Name Description Serial Number The license’s serial number. License Remaining Days The number of days remaining before the license expires. 2. To update the system with a new license, enter the license key in the Update field. 3. Select Apply.
Switching Equinox Management from Port Based to User Based Licensing About this task Enterprises can switch from a port-based licensing model to a user-based licensing model when upgrading from an OTT solution to a TE solution. This procedure explains how to switch Equinox Management from using port-based licenses to user-based licenses. Procedure 1. On your virtual machine, right-click the current Equinox Management server name and select Snapshot > Take Snapshot to back up your environment. (Optional)
Figure 62: Virtual Machine Backup
April 2018 Deploying Avaya Equinox Solution 105 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
2. Ensure that you have received the following from PLDS: • A user-based Equinox Management license. • A WebLM License file for Power Suite users. • Third-party video connectivity 3. Access the Equinox Management administrator portal. 4. Select Settings > System Preference > Local Services and ensure that the User Portal + Web Gateway is disabled.
Figure 63: Local Services Page 5. Apply a user-based license to Equinox Management, as described in Updating a User License on page 103. 6. On the WebLM server, upload the WebLM license file. 7. From the Equinox Management administrator portal, select Settings > Servers > License Server. The License Server page appears.
Figure 64: License Server Page
April 2018 Deploying Avaya Equinox Solution 106 Comments on this document? [email protected] Switching Equinox Management from Port Based to User Based Licensing
8. Select either Local WebLM or Custom WebLM, depending on the license you applied above. Ensure that the license you select has a green status (online). 9. On the License Information page, select > License Information, to open the License Information page. Ensure that the Power Suite Users and 3rd Party Video Connectivity licenses are displayed as expected.
Figure 65: License Information Page 10. Select Settings > Users > Profiles and select a profile. The User Profile page opens for the selected profile.
April 2018 Deploying Avaya Equinox Solution 107 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
Figure 66: User Profile Page 11. Select Power Suite User to designate the selected profile as one for licensed users. Only Power suite users have access to virtual rooms Note: The media server does not require a new user license.
Deploying and Configuring the Equinox Management Environment After deploying Avaya Equinox Management, you must deploy and configure your Equinox Management environment. Perform the following procedures: 1. Deploy and configure the media server and gateway (see the Equinox Media Server deployment chapter). 2. (Optional) Deploy and configure Avaya Equinox H.323 Edge server (see the Equinox H. 323 Edge deployment chapter). 3. (Optional) Deploy and configure Avaya Session Border Controller for Enterprise (see the Avaya Session Border Controller deployment chapter). 4. (Optional) Deploy and configure Avaya Equinox Streaming and Recording (see the Avaya Equinox Streaming and Recording deployment chapter). 5. (Optional) Deploy and configure an external H.323 Gatekeeper (see the Administrator Guide for Avaya Equinox Management).
April 2018 Deploying Avaya Equinox Solution 108 Comments on this document? [email protected] Troubleshooting
Once you have deployed these components, you can add them to the all-in-one Equinox Management server.
Troubleshooting This section helps you troubleshoot problems that may cause Equinox Management to perform less effectively than desired. Upgrade Failure If Equinox Management fails to upgrade from a previous version to the most recent version, verify that the package description file (either components-scopia-app-package.txt or components-media-server-package.txt) contains the following strings: [package] or name=management-server or name=media-server or name=application version=8.5.0.13 [component] You cannot upload an app server package to CMS, or a CMS package to an Equinox Management server. Change the MCU Log Level You may want to change the MCU log level to more precisely monitor the system behavior. To do so, perform the following actions: 1. In the MCU Web Portal, select the Settings icon and select Advanced Parameters. The Advanced Parameters page opens. 2. In the Unit Notify Level section, modify the value to 100, and select Apply. 3. Modify the log level using SSH, as follows: • [admin@MCU~]>rvcli • Avaya_Scopia_MCU>logLevelSet 0x100 • Multiple matches found for [logLevelSet] — specify the server or select: - mcu1
April 2018 Deploying Avaya Equinox Solution 109 Comments on this document? [email protected] Equinox Management Deployment for Over the Top (OTT) Solution
- map1
April 2018 Deploying Avaya Equinox Solution 110 Comments on this document? [email protected] Troubleshooting
Figure 67: Support Log Pack Page
2. In the Retrieve the Logs for section, select the relevant options for the logs you want to receive: • Equinox Management • Equinox Media Servers • Gateways • XT Endpoints • Management Nodes 3. In the Time Frame section, select a time period for which you want to capture logs. 4. Select Generate.
April 2018 Deploying Avaya Equinox Solution 111 Comments on this document? [email protected] Chapter 7: Equinox Management Deployment for Team Engagement (TE) solution
Deployment of Equinox Management for TE solution — Overview The Equinox Management Team Engagement (TE) Solution is intended for customers who already have deployed or plan to deploy a full Avaya UC platform that includes System Manager (SMGR), Session Manager (SM) 7.x, and all other Avaya UC components. These customers use the per named user business model and obtain Equinox as part of the Power Suite (permanent or subscription) licensing entitlement. In this deployment, the connection of third party videoconferencing terminals requires a specific enabling license, known as the Third Party Videoconferencing Connectivity. Each license enables 10 ports.
Checklist for Deploying Equinox Management in Team Engagement Use the following checklist for deploying the Equinox Management server in a Team Engagement (TE) solution.
# Action Link/Notes
1 Download software from the PLDS Downloading software from PLDS on page 46 2 Deploy the Equinox Management server Deploying the Equinox Management Server on page 47
Note:
The User Portal + Web Gateway component referenced in this topic is external to Equinox Management and is Table continues…
April 2018 Deploying Avaya Equinox Solution 112 Comments on this document? [email protected] Checklist for Deploying Equinox Management in Team Engagement
# Action Link/Notes
called Avaya Aura Web Gateway in TE deployments (see Deploying the Avaya Aura Web Gateway guide on the Avaya Support Site). 3 Log into Equinox Management Logging into Equinox Management on page 61 4 Configure Equinox Management Configuring the All-In-One Equinox Management Server on page 68 Note:
The User Portal + Web Gateway component referenced in this topic is external to Equinox Management and is called Avaya Aura Web Gateway in TE deployments (see Deploying the Avaya Aura Web Gateway guide on the Avaya Support Site). 5 Configure the H.323 Gatekeeper Configuring the Distributed Equinox Management Server as an H.323 Gatekeeper on page 70 6 Manage Licenses Managing Licenses Via the Web-based License Manager (WebLM) on page 115 7 Secure Connections Securing Connections With Equinox Management on page 85 8 Integrate Avaya Aura® Web Gateway and Deploying the Avaya Aura Web Equinox Management Gateway on page 114 9 Deploy and configure the Equinox Deploying and Configuring the Equinox Management environment Management Environment on page 108 10 Add Avaya Aura® users into Equinox Integrating Avaya Aura Users Into Management Equinox Management Via System Manager on page 122 11 Configure Session Manager to work with Configuring Session Manager for SIP-based Equinox B2BUA component Interoperability with the SIP-based Equinox B2BUA Component on page 130 12 Configure Equinox Management to work Configuring Equinox Management for with Avaya Aura® Interoperability with Avaya Aura on page 134
April 2018 Deploying Avaya Equinox Solution 113 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Deploying the Avaya Aura® Web Gateway The Avaya Aura® Web Gateway is an Aura server which acts as a gateway to Aura for clients and applications by utilizing browser-based WebRTC signaling and media. It consists of the following: • In Aura (Team Engagement/TE) deployments, the components of this gateway (the Unified Portal and Web Gateway) are provided in a separate OVA for deployment on a customer- supplied VMware environment. These components are shared and utilized by different Aura clients and applications. • In non-Aura (Over The Top/OTT) deployments, these components are hosted within Equinox Conferencing. For details on deploying the Avaya Aura® Gateway, Avaya Aura® media server configuration, and Avaya Aura® Device Services (AADS), see Deploying the Avaya Aura® Gateway on the Avaya Support Site. Related links Configuring the Avaya Aura Web Gateway in Equinox Management on page 114
Configuring the Avaya Aura Web Gateway in Equinox Management About this task This procedure describes how to configure Avaya Aura Web Gateway into Equinox Management in a Team Engagement (TE) environment. Procedure 1. Access the Equinox Management administrator portal. 2. Select Devices > Devices by Type > User Portals and select Add. The Add User Portal page appears. 3. Enter a name, IP address, and FQDN in the relevant fields. 4. Select Aura User Portal. 5. Select OK and wait for the user portal to connect. The user portal’s status displays as green. Note: If AAWG is a cluster with multiple nodes, all of the nodes must be added into Equinox Management. The IP Address should be the physical IP address of each node. Related links Deploying the Avaya Aura Web Gateway on page 114
April 2018 Deploying Avaya Equinox Solution 114 Comments on this document? [email protected] Managing Licenses Via the Web-based License Manager (WebLM)
Managing Licenses Via the Web-based License Manager (WebLM) Avaya provides a Web-based License Manager (WebLM) to manage licenses of one or more Avaya software products for your organization. WebLM facilitates easy tracking of licenses. To track and manage licenses in an organization, WebLM requires a license file from the Avaya Product Licensing and Delivery System (PLDS) web site at https://plds.avaya.com. The license file of a software product is in XML format and contains information regarding the product, the major release, the licensed features of the product, and the licensed capacities of each feature that you purchase. After purchasing a licensed Avaya software product, you must activate the license file for the product in PLDS and install the license file on the WebLM server. License activations in PLDS require the host ID of the WebLM server for inclusion in the license file. The host ID displays on the Server Properties page of the WebLM server. You can choose to manage your licenses with a local WebLM server or with an external WebLM server. The internal WebLM server conserves hardware resources, while the external WebLM server can be used to support redundancy and other Avaya products which are part of the deployment. Related links Installing a User License On the Local WebLM Server on page 115 Installing the User License On the External WebLM Server on page 118
Installing a User License On the Local WebLM Server About this task This procedure describes how to install a license on the local WebLM server. A local WebLM server is installed in the same application zone as the Equinox Management server. Before you begin • Deploy the Equinox Management OVA, as described in Deploying the Equinox Management Server on page 47. Procedure 1. Log into your local WebLM server, using the following URL: https://
April 2018 Deploying Avaya Equinox Solution 115 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Figure 68: Server Properties Page 3. Retrieve the license from the PLDS site. For details on using PLDS, see Getting Started with Avaya PLDS - Avaya Partners and Customers at https://plds.avaya.com. 4. Select Install license on the WebLM server UI. The Install License page appears.
Figure 69: Install License Page 5. Select Choose File in the Enter license path field, and after choosing your license file, select Install to install the license file. The Licensed Features page appears, where you verify the license status.
Figure 70: Licensed Features Page 6. Verify the license in Equinox Management, as follows: a. In the Equinox Management administrator portal, select Settings > Servers > License Server. The License Server page appears.
April 2018 Deploying Avaya Equinox Solution 116 Comments on this document? [email protected] Managing Licenses Via the Web-based License Manager (WebLM)
Figure 71: License Server Page b. Select Apply. c. Select > Restart to restart the Equinox Management server OVA. The local WebLM status displays with a green icon (active). d. To verify license installation, select > Licensing. The License Information page appears, displaying information on the installed license.
Figure 72: License Information Page
An explanation of the fields on this page appears in Table 11: License Information Page on page 117.
Table 11: License Information Page
Field Name Description Edition The license edition. Equinox Management Activation When value = Permanent, indicates that the Status activation key input is correct. When value = Temporary, the license is valid only for 30 days. Table continues…
April 2018 Deploying Avaya Equinox Solution 117 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Field Name Description Encryption Indicates whether the license is encrypted (true) or non-encrypted (false). Power Suite Licenses (users) The number of users who have recording privileges. Power suite license users also have their own virtual meeting room. 3rd Party Video Connectivity The number of third party (non-Avaya) video room systems that can connect to a conference. License Status • Normal: Indicates that there is no license error. • Error: Indicates that there is a license error. A grace period exists for the license, and the operation mode is normal. • Restricted: Indicates that there is a license error, the grace period has expired, and the operation mode is restricted. When the license status is Restricted, the administrator must request a new license and apply it to the license server. License Remaining Days The number of days remaining before the license expires. UUID Used to generate the user based license. MAC Address Used for displaying the user based license. Serial Number The license’s serial number. Related links Managing Licenses Via the Web-based License Manager (WebLM) on page 115
Installing the User License On the External WebLM Server About this task This procedure describes how to install the user license on the external WebLM server. Before you begin • Deploy the Equinox Management OVA, as described in Deploying the Equinox Management Server on page 47. Procedure 1. Update the Equinox Management server and remote WebLM server with third party certificates. Both certificates must be signed by the same server and have the same root certificate.
April 2018 Deploying Avaya Equinox Solution 118 Comments on this document? [email protected] Managing Licenses Via the Web-based License Manager (WebLM)
2. Log into the Avaya Aura® System Manager WebLM server, using the following URL: https://
Figure 73: Server Properties Page 4. Retrieve the license from the PLDS site. For details on using PLDS, see Getting Started with Avaya PLDS - Avaya Partners and Customers at https://plds.avaya.com. 5. Select Install license on the WebLM server UI. The Install License page appears.
Figure 74: Install License Page 6. Select Choose File in the Enter license path field, and after choosing your license file, select Install to install the license file. The Licensed Features page appears, where you verify the license status.
April 2018 Deploying Avaya Equinox Solution 119 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Figure 75: Licensed Features Page 7. In the Equinox Management administrator portal, select Settings > Servers > License Server, and select the Apply button. The License Server page appears. 8. Select Custom WebLM and enter the URL of your external WebLM server. The remote WebLM server status displays next to the URL field with a red icon (inactive). 9. Select Apply to restart and activate the server. The remote WebLM server status displays with a green icon (active).
Figure 76: License Server Page 10. Verify license installation by selecting > License Information. The License Information page appears, displaying information on the installed license.
April 2018 Deploying Avaya Equinox Solution 120 Comments on this document? [email protected] Managing Licenses Via the Web-based License Manager (WebLM)
Figure 77: License Information Page
An explanation of the fields on this page appears in Table 12: License Information Page on page 121.
Table 12: License Information Page
Field Name Description Edition The license edition. Equinox Management Activation Status When value = Permanent, indicates that the activation key input is correct. When value = Temporary, the license is valid only for 30 days. Encryption Indicates whether the license is encrypted (true) or non-encrypted (false). License Status • Normal: Indicates that there is no license error. • Error: Indicates that there is a license error. A grace period exists for the license, and the operation mode is normal. • Restricted: Indicates that there is a license error, the grace period has expired, and the operation mode is restricted. Table continues…
April 2018 Deploying Avaya Equinox Solution 121 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Field Name Description When the license status is Restricted, the administrator must request a new license and apply it to the license server. Power Suite Licenses (users) The number of users who have recording privileges. Power suite license users also have their own virtual meeting room. 3rd Party Video Connectivity The number of third party (non-Avaya) video room systems that can connect to a conference. License Remaining Days The number of days remaining before the license expires. UUID Used to generate the user based license. MAC Address Used for displaying the user based license. Serial Number The license’s serial number. 11. In the Activation Key field, enter the activation key for the Equinox Management server. 12. Select Apply to apply the activation key. Related links Managing Licenses Via the Web-based License Manager (WebLM) on page 115
Integrating Avaya Aura® Users Into Equinox Management Via System Manager System Manager is the central management system that delivers a set of shared management services and provides a common console for Avaya Aura® applications and systems. System Manager 7.0.1.3 is the primary management solution for Avaya Aura® 7.0.1.3 and is therefore required with all Avaya Aura® 7.0.1.3 deployments. The topics in this section explain the procedure for integrating Avaya Aura® users into Equinox Management. For information about configuring System Manager, see Administering Avaya Aura® System Manager on the Avaya Support Site. Related links Configuring the Equinox Conferencing Element in System Manager on page 123 Configuring SSO for Equinox Conferencing on page 126 Adding Avaya Aura Users in Equinox Management on page 129
April 2018 Deploying Avaya Equinox Solution 122 Comments on this document? [email protected] Integrating Avaya Aura® Users Into Equinox Management Via System Manager
Configuring the Equinox Conferencing Element in System Manager About this task This procedure describes how to configure the Equinox Conferencing element in the System Manager web console. For details on configuring the System Manager, see Administering Avaya Aura® System Manager for Release 7.0.1 on the Avaya Support Site. Note: Equinox Management is currently referred to as Equinox Conferencing in the System Manager web console. Procedure 1. On the System Manager web console, select Services > Inventory. The Inventory page appears.
Figure 78: System Manager — Inventory Page 2. In the left navigation pane, select Manage Elements. The Manage Elements page appears.
April 2018 Deploying Avaya Equinox Solution 123 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Figure 79: System Manager — Manage Elements Page 3. Select New. The New Elements page appears.
Figure 80: System Manager — New Elements Page 4. In the Type drop down, select Equinox Conferencing. The New Equinox Conferencing page appears. 5. On the General page, in the General section, configure the following fields: • Name • Type • Description • Node 6. On the General page, in the Access Profile section, select New. System Manager displays the Application System Supported Protocol section.
April 2018 Deploying Avaya Equinox Solution 124 Comments on this document? [email protected] Integrating Avaya Aura® Users Into Equinox Management Via System Manager
Figure 81: Application System Supported Protocol Section 7. In the Protocol field, select URI. System Manager displays the Access Profile Details section.
Figure 82: Access Profile Details Section 8. Configure the following fields: • Name • Access Profile Type • Protocol • Host • Port • Path • Order • Description 9. Select Save. System Manager displays the New Equinox Conferencing page.
April 2018 Deploying Avaya Equinox Solution 125 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Figure 83: New Equinox Conferencing Page 10. Select Commit. System Manager creates the new element. Next steps Configure SSO for Equinox Conferencing, as described in Configuring SSO for Equinox Conferencing on page 126. Related links Integrating Avaya Aura Users Into Equinox Management Via System Manager on page 122
Configuring SSO for Equinox Conferencing The procedures in this section describe the actions a System Manager administrator must perform to enable accessing Equinox Conferencing directly from the System Manager, without having to re-enter login information. Related links Integrating Avaya Aura Users Into Equinox Management Via System Manager on page 122 Downloading the System Manager CA Root Certificate on page 127 Exchanging CA Certificates Between System Manager and Avaya Equinox Management on page 127 Configuring SSO in Avaya Equinox Management on page 128
April 2018 Deploying Avaya Equinox Solution 126 Comments on this document? [email protected] Integrating Avaya Aura® Users Into Equinox Management Via System Manager
Downloading the System Manager CA Root Certificate About this task This task explains how to download the System Manager CA root certificate as a preliminary step for exchanging certificates between System Manager and Equinox Management. Procedure 1. On the System Manager web console, select Services > Security. The Security page appears.
Figure 84: System Manager — Security Page 2. Select the Certificates link and in the left navigation pane, select Certificates > Authority. 3. Select CA Functions > CA Structure & CRLs. 4. Select Download PEM file. The system downloads the .pem file onto your system. Related links Configuring SSO for Equinox Conferencing on page 126 Exchanging CA Certificates Between System Manager and Avaya Equinox Management About this task If the Avaya Equinox Management CA certificate is not issued by the System Manager CA, perform the following task. Procedure 1. Download the root CA certificate from System Manager. For more information, see Downloading the System Manager CA Root Certificate on page 127. 2. Log into the Equinox Management administrator portal. a. Select Settings > Security > Certificates to import the CA .pem file into Equinox Management. b. Select Advanced > Import.
April 2018 Deploying Avaya Equinox Solution 127 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
c. Select Add in the Import Certificates dialog box to select the downloaded CA .pem file, and select Apply. d. Restart Equinox Management. e. Select Settings > Security > Certificates to download the Equinox Management CA certificate. 3. On the System Manager web console, select Services > Inventory. a. In the left navigation pane, select Manage Elements. b. On the Manage Elements page, select the System Manager certificate and select More Actions > Manage Trusted Certificates. c. On the Manage Trusted Certificates page, select Add. d. On the Add Trusted Certificates page, select Import as PEM Certificate. e. Copy the content of the Avaya Equinox Management CA certificate and paste it in the field on the Add Trusted Certificates page. f. Select Commit. Related links Configuring SSO for Equinox Conferencing on page 126 Configuring SSO in Avaya Equinox Management Before you begin If the Avaya Equinox Management CA certificate is not issued by the System Manager CA, you must exchange CA certificates between Equinox Management and System Manager. For more information, see Exchanging CA Certificates Between System Manager and Avaya Equinox Management on page 127. Procedure 1. Access the Equinox Management administrator portal. 2. Select Settings > Unified Communications > Avaya Aura > . The Avaya Aura page appears.
April 2018 Deploying Avaya Equinox Solution 128 Comments on this document? [email protected] Integrating Avaya Aura® Users Into Equinox Management Via System Manager
Figure 85: Avaya Aura Page 3. Select the Enable System Manager Integration check box. The System Manager FQDN field is enabled. 4. Enter the FQDN of the System Manager. 5. Select Apply. A dialog box appears, prompting you to restart the system. Select Yes. Related links Configuring SSO for Equinox Conferencing on page 126
Adding Avaya Aura® Users in Equinox Management About this task You can add only one Avaya Aura® user with Equinox Management at a time. Repeat this procedure for each Avaya Aura® user you want to add. Note: For information on adding Avaya Aura® users in Equinox Management automatically, see the Migrating from Avaya Aura® to Avaya Equinox chapter in this guide. Before you begin Configure SSO for Equinox Conferencing, as described in Configuring SSO for Equinox Conferencing on page 126. Procedure 1. On the System Manager web console, select Users > User Management. 2. In the left navigation pane, select Manage Users.
April 2018 Deploying Avaya Equinox Solution 129 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
System Manager displays the User Management page. 3. To add a communication profile to an existing user, select the user and select Edit. System Manager displays the User Profile Edit page. 4. Select the Communication Profile tab. 5. Select the Equinox Conferencing check box, and configure the following fields: • Equinox User Password • Virtual Room Number 6. Select Commit. Related links Integrating Avaya Aura Users Into Equinox Management Via System Manager on page 122
Deploying and Configuring the Equinox Management Environment After deploying Avaya Equinox Management, you must deploy and configure your Equinox Management environment. Perform the following procedures: 1. Deploy and configure the media server and gateway (see the Equinox Media Server deployment chapter). 2. (Optional) Deploy and configure Avaya Equinox H.323 Edge server (see the Equinox H. 323 Edge deployment chapter). 3. (Optional) Deploy and configure Avaya Session Border Controller for Enterprise (see the Avaya Session Border Controller deployment chapter). 4. (Optional) Deploy and configure Avaya Equinox Streaming and Recording (see the Avaya Equinox Streaming and Recording deployment chapter). 5. (Optional) Deploy and configure an external H.323 Gatekeeper (see the Administrator Guide for Avaya Equinox Management). Once you have deployed these components, you can add them to the all-in-one Equinox Management server.
Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component The procedures in this section are guidelines on how to administer the system. Depending on your system’s configuration, parameter values may differ.
April 2018 Deploying Avaya Equinox Solution 130 Comments on this document? [email protected] Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component
Logging into System Manager In your browser’s address bar, enter the System Manager FQDN in the following format: http://
Adding a SIP Entity for the Equinox B2BUA Component Before you begin Log into System Manager by entering the following FQDN into your browser: http://
Table 13: SIP Entities Field Descriptions
Field Name Description Name The name of the SIP entity. FQDN or IP Address The FQDN or IP address of the Equinox B2BUA component. TYPE Enter SIP Trunk Adaptation Depending on the dial plan of the system, create and select an adaptation. Location The location of the B2BUA component. Time Zone The time zone of the B2BUA component’s location. 4. Select Commit. Related links Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component on page 130
April 2018 Deploying Avaya Equinox Solution 131 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Adding a SIP Entity Link/SIP Trunk For the Equinox B2BUA Component Before you begin Log into System Manager by entering the following FQDN into your browser: http://
Table 14: SIP Entity Link Field Descriptions
Field Name Description Name The name of the SIP entity. SIP Entity 1 Select the relevant Session Manager. Protocol Enter TCP Port Enter 5060 SIP Entity 2 Select the Equinox B2BUA component. Port Enter 5060 4. In the SIP Entity as Destination section, click Select. 5. Select the relevant Equinox B2BUA component, and click Select. 6. Select Commit. Related links Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component on page 130
Adding Routing Policies For the Equinox B2BUA Component Before you begin Log into System Manager by entering the following FQDN into your browser: http://
April 2018 Deploying Avaya Equinox Solution 132 Comments on this document? [email protected] Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component
3. In the Name field, enter a name for the routing policy. 4. In the SIP Entity as Destination section, click the Select button. 5. Select the relevant Equinox B2BUA component, and click the Select button. 6. Select Commit. Related links Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component on page 130
Adding Dial Patterns for the Equinox B2BUA Component Before you begin Log into System Manager by entering the following FQDN into your browser: http://
Table 15: Dial Pattern Field Descriptions
Field Name Description Pattern Enter a pattern, based on the system’s dial plan. Min Enter a value, based on the system’s dial plan. Max Enter a value, based on the system’s dial plan. 4. In the Originating Locations and Routing Policies section, select Add. 5. Select the relevant Originating Location and Routing Policy, and click the Select button. 6. Select Commit. Related links Configuring Session Manager for Interoperability with the SIP-based Equinox B2BUA Component on page 130
April 2018 Deploying Avaya Equinox Solution 133 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Configuring Equinox Management for Interoperability with Avaya Aura® The procedures in this section describe how to log into Equinox Management, how to add a SIP trunk from the Equinox B2BUA component to Session Manager, and how to change the default SIP domain in Equinox Management. Logging into Equinox Management In your browser’s address bar, enter the Equinox Management FQDN in the following format: http://
Adding a SIP Trunk from the Equinox B2BUA Component to Session Manager Before you begin Log into Equinox Management by entering the following FQDN in your browser: http://
April 2018 Deploying Avaya Equinox Solution 134 Comments on this document? [email protected] Configuring Equinox Management for Interoperability with Avaya Aura®
Table 16: SIP Entities Field Descriptions
Field Name Description Name The name for the Session Manager. IP Address/FQDN The IP address of the SIP entity of Session Manager. Port Enter 5060 Transport Type Enter TCP Model Enter Avaya Aura SIP Domain Enter the SIP domain configured in System Manager. Location Select the appropriate location. 4. Select OK to submit. Related links Adding a SIP Trunk from the Equinox B2BUA Component to Session Manager on page 134
Changing the Default SIP Domain in Equinox Management About this task You can change the default SIP domain in the From header of Scopia Elite MCU calls to match the domain administered in Avaya Aura®. Procedure 1. Access the Equinox Management administrator portal. 2. Select Settings > Meetings > Policies. The Meeting Policies page appears.
April 2018 Deploying Avaya Equinox Solution 135 Comments on this document? [email protected] Equinox Management Deployment for Team Engagement (TE) solution
Figure 86: Meeting Policies Page 3. Enter the default SIP domain in the Default SIP Domain field. 4. Select Apply. Related links Configuring Equinox Management for Interoperability with Avaya Aura on page 134
Configuring Ad Hoc Conferencing in a Team Engagement (TE) Environment About this task You can create an ad hoc conference that begins in the specified user’s virtual room. Before configuring an ad hoc conference in a Team Engagement (TE) environment, you must configure Equinox Client and Avaya Communication Manager settings.
April 2018 Deploying Avaya Equinox Solution 136 Comments on this document? [email protected] Chapter 8: Equinox Media Server deployment
Equinox Media Server overview Avaya Equinox Media Server is a virtual media server with the following built-in components for media processing and real-time collaboration:
Component Supports MCU • Transcoding and composition of video • Audio and video support for WebRTC-based thin clients • Web collaboration Media server • High-scale audio • WebRTC gateway Web collaboration server Web collaboration
Equinox Media Server processes all media on the server CPU and does not need media accelerator blades. Equinox Media Server supports multiple technologies for processing audio and video, such as transcoding and switching, and is compatible with different types of enterprise deployments. Equinox Media Server is part of the Avaya Equinox solution. Components of Avaya Equinox can be combined to fit the existing network topology and video conferencing requirements of the organization. Equinox Media Server is required in the Over The Top and Team Engagement deployments of Avaya Equinox. You can configure Equinox Media Server as a master or slave server in distributed enterprise networks to support high-quality video or high-capacity audio, along with web collaboration. You can configure Equinox Media Server as a dedicated web collaboration server. You can also configure Equinox Media Server as a cascaded gateway to Scopia® Elite 6000 MCU. As a cascaded gateway, Equinox Media Server acts as a WebRTC gateway or as a dedicated web collaboration server. The performance and capacity of each Equinox Media Server deployment depends on the physical cores, RAM, disk space, and the network interfaces allocated to the virtual machine.
April 2018 Deploying Avaya Equinox Solution 137 Comments on this document? [email protected] Equinox Media Server deployment
Equinox Media Server deployment checklist
No. Task Link/Notes
1 Download the Equinox Media Server See Downloading software from software from Avaya PLDS. PLDS on page 46 2 Deploy the Equinox Media Server virtual See Deploying the Equinox Media machine. Server virtual machine on page 145 3 Start the Equinox Media Server virtual See Starting the Equinox Media machine. Server virtual machine on page 149 4 Configure the Equinox Media Server IP See Configuring the Equinox Media addresses using vSphere Client. Server IP addresses using vSphere Client Console on page 149 This step is required only if you do not use vCenter. 5 Configure the Equinox Media Server See Configuring the virtual machine virtual machine automatic startup settings. automatic startup settings on page 151 6 Add Equinox Media Server in Equinox See Adding Equinox Media Server in Management Equinox Management on page 165 7 Configure the Equinox Media Server See Configuring the Equinox Media network settings. Server network settings on page 167
Equinox Media Server on AWS deployment checklist
No. Task Link/Notes
1 Download the software from Avaya PLDS Downloading software from PLDS on page 46 2 Log in to AWS Management Console. Signing in to the Amazon Web Services Management console on page 151 3 Create a key pair on AWS Management Creating a key pair on page 152 Console. 4 Create a bucket for uploading the OVAs Creating a bucket for uploading the for AMI conversion. OVAs for AMI conversion on page 153 5 Upload the Equinox Media Server AMI. Uploading the Equinox Media Server OVA on page 154 6 Create a Linux Amazon EC2 virtual Creating a Linux Amazon EC2 virtual server instance. server instance on page 154 Table continues…
April 2018 Deploying Avaya Equinox Solution 138 Comments on this document? [email protected] Equinox Media Server video conferencing mode administration checklist
No. Task Link/Notes
7 Create a user access key. Creating a user access key on page 156 8 Get the virtual server instance user ID. Obtaining the virtual server instance user ID on page 156 9 Import the OVA for AMI conversion. Importing the OVA for AMI conversion on page 156 10 Create an IAM role for the takeover of the Creating an IAM role for the takeover floating IP address. of the floating IP address on page 159 11 Launch an Amazon EC2 instance. Launching an Amazon EC2 instance on page 161 12 Deploy the Equinox Media Server AMI. Deploying the Equinox Media Server AMI on page 161 13 Configure Equinox Media Server on AWS Configuring Equinox Media Server on AWS on page 163
Equinox Media Server video conferencing mode administration checklist Use this checklist to configure Equinox Media Server as a media server for video conferencing and web collaboration.
No. Task Link/Notes
1 Deploy the Equinox Media Server virtual See Deploying the Equinox Media machine. Server virtual machine on page 145 2 Start the Equinox Media Server virtual See Starting the Equinox Media machine. Server virtual machine on page 149 3 Configure the Equinox Media Server IP See Configuring the Equinox Media addresses using vSphere Client. Server IP addresses using vSphere Client Console on page 149 This step is required only if you do not use vCenter. 4 Add Equinox Media Server in Equinox See Adding Equinox Media Server in Management Equinox Management on page 165 5 Update the Equinox Media Server video See Adding or updating the Equinox conferencing and web collaboration Media Server licenses on page 169 license.
April 2018 Deploying Avaya Equinox Solution 139 Comments on this document? [email protected] Equinox Media Server deployment
Equinox Media Server audio-only conferencing mode administration checklist Use this checklist to configure Equinox Media Server as a media server for audio-only conferencing and web collaboration.
No. Task Link/Notes
1 Deploy the Equinox Media Server virtual See Deploying the Equinox Media machine. Server virtual machine on page 145 2 Start the Equinox Media Server virtual See Starting the Equinox Media machine. Server virtual machine on page 149 3 Configure the Equinox Media Server IP See Configuring the Equinox Media addresses using vSphere Client Console. Server IP addresses using vSphere Client Console on page 149 This step is required only if you do not use vCenter. 4 Add Equinox Media Server in Equinox See Adding Equinox Media Server in Management. Equinox Management on page 165 5 Update the Equinox Media Server audio- See Adding or updating the Equinox only conferencing and web collaboration Media Server licenses on page 169 license. 6 Install security certificates for TLS. See Creating security certificates on page 172 and Uploading security certificates on page 173 7 Secure the connection between Equinox See Securing the connection with Media Server and Equinox Management. Equinox Management using TLS on page 174 8 Change the working mode of Equinox See Changing the Equinox Media Media Server to High Capacity Audio + Server working mode on page 170 Web Collaboration. 9 Upload the audio prompts. See Customizing audio messages on page 171
Equinox Media Server web collaboration mode administration checklist Use this checklist to configure Equinox Media Server as a media server for only web collaboration.
April 2018 Deploying Avaya Equinox Solution 140 Comments on this document? [email protected] Equinox Media Server WebRTC gateway administration checklist
No. Task Link/Notes
1 Deploy the Equinox Media Server virtual See Deploying the Equinox Media machine. Server virtual machine on page 145 2 Start the Equinox Media Server virtual See Starting the Equinox Media machine. Server virtual machine on page 149 3 Configure the Equinox Media Server IP See Configuring the Equinox Media addresses using vSphere Client Console. Server IP addresses using vSphere Client Console on page 149 This step is required only if you do not use vCenter. 4 Add Equinox Media Server in Equinox See Adding Equinox Media Server in Management. Equinox Management on page 165 5 Update the Equinox Media Server web See Adding or updating the Equinox collaboration-only license. Media Server licenses on page 169
Equinox Media Server WebRTC gateway administration checklist Use this checklist to configure Equinox Media Server as a WebRTC gateway.
No. Task Link/Notes
1 Deploy the Equinox Media Server virtual See Deploying the Equinox Media machine. Server virtual machine on page 145 2 Start the Equinox Media Server virtual See Starting the Equinox Media machine. Server virtual machine on page 149 3 Configure the Equinox Media Server IP See Configuring the Equinox Media addresses using vSphere Client Console. Server IP addresses using vSphere Client Console on page 149 This step is required only if you do not use vCenter. 4 Add Equinox Media Server as a gateway See Adding Equinox Media Server as in Equinox Management. a gateway on page 166 5 Update the Equinox Media Server See Adding or updating the Equinox WebRTC-only license. Media Server licenses on page 169 6 Install security certificates for TLS. See Creating security certificates on page 172 and Uploading security certificates on page 173 7 Secure the connection between Equinox See Securing the connection with Media Server and Equinox Management. Equinox Management using TLS on page 174
April 2018 Deploying Avaya Equinox Solution 141 Comments on this document? [email protected] Equinox Media Server deployment
Technical specifications Note • The Low configuration deployment is only for migrations from existing Avaya Aura® Conferencing deployments when you need to use the existing server. The Low configuration applies only to Avaya Equinox Team Engagement deployments and supports a maximum of 200 audio-only ports with web collaboration. • In the Full Audio, Video, and Web Collaboration working mode, the maximum supported ports for 720p*30fps video is exclusive of audio ports. • In the High Capacity Audio and Web Collaboration mode, the maximum supported ports for audio in each deployment type also includes support for web collaboration. Deployment configuration-wise hardware server requirement Requirement Ultra High High Medium Low configuration configuration configuration configuration Server CPU 2.5 GHz * 24 cores 2.5 GHz * 16 cores 2.0 GHz * 12 cores 2.0 GHz * 6 cores (processor * physical cores) RAM in GB 64 32 24 12 2.5” SAS hard disk 120 120 120 120 capacity in GB Maximum licenses 4 2 1 Audio-only licenses applicable in Over The Top deployments Maximum 40 ports for 20 ports for 10 ports for 200 ports for audio supported ports 720p*30fps video 720p*30fps video 720p*30fps video or or or 2000 ports for 1000 ports for 500 ports for audio audio audio
Deployment configuration-wise virtual machine requirement Requirement Ultra High High Medium Low configuration configuration configuration configuration Server CPU 2.5 GHz * 24 cores 2.5 GHz * 16 cores 2.0 GHz * 12 cores 2.0 GHz * 6 cores (processor speed * physical cores) Virtual cores 48 32 12 6 CPU reservation in 55000 35000 21900 9900 MHz RAM reservation in 58 20 14 10 GB Table continues…
April 2018 Deploying Avaya Equinox Solution 142 Comments on this document? [email protected] Capacity and scalability
Requirement Ultra High High Medium Low configuration configuration configuration configuration Disk space 120 120 120 120 reservation in GB NIC 2 2 2 2 Maximum licenses 4 2 1 Audio-only licenses applicable in Over The Top deployment Maximum 40 ports for 20 ports for 10 ports for 200 ports for audio supported ports 720p*30 video 720p*30 video 720p*30 video or or or 2000 ports for 1000 ports for 500 ports for audio audio audio
Capacity and scalability Full Audio, Video, and Web Collaboration mode ports capacity The port allocation is based on the resources that each user needs. Different users need different amount of resources based on the video resolution of the connections. Meetings can have multiple users that need a different amount of resources based on the video resolution of the connection. For example, users with connections at 480p*30fps video resolution use 25% of the resources of users with connections at 1080p*30fps video resolutions or 50% of the resources of users with connections at 720p*30fps. Equinox Media Server supports 1080p*60fps and 720p*60fps video resolutions as optional features. You must manually enable the video resolutions for video calls.
Port- User- Video Audio Web Deployme based based 1080p*30f 720p*30fp 480p*30fp using G. collaborati nt licenses licenses ps using s using H. s using H. 711 codec on configurat for Over for Avaya H.264 264 codec 264 codec ion ® The Top Aura codec or or deployme Power 720p*30fp 480p*30fp nts Suite s using s using deployme VP8 codec VP8 codec nts 4 16 20 40 80 80 80 Ultra High 3 12 15 30 60 60 60 Ultra High 2 8 10 20 40 40 40 High 1 4 5 10 20 20 20 Medium
April 2018 Deploying Avaya Equinox Solution 143 Comments on this document? [email protected] Equinox Media Server deployment
High Capacity Audio and Web Collaboration mode ports capacity The Low configuration deployment is only for migrations from existing Avaya Aura® Conferencing deployments when you need to use the existing server. The Low configuration applies only to Avaya Equinox Team Engagement deployments and supports a maximum of 200 audio-only ports with web collaboration.
Port-based User-based Audio using G.711 Web collaboration Deployment licenses for Over licenses for codec configuration The Top Avaya Aura® deployments Power Suite deployments 4 16 2000 2000 Ultra High 3 12 1500 1500 Ultra High 2 8 1000 1000 High 1 4 500 500 Medium Migrations from — 200 200 Low existing Avaya Aura® Conferencing deployments
Downloading software from PLDS When you place an order for an Avaya PLDS-licensed software product, PLDS creates the license entitlements of the order and sends an email notification to you. The email includes a license activation code (LAC) and instructions for accessing and logging into PLDS. Use the LAC to locate and download the purchased license entitlements. In addition to PLDS, you can download the product software from http://support.avaya.com using the Downloads and Documents tab at the top of the page. Note: Only the latest service pack for each release is posted on the support site. Previous service packs are available only through PLDS. Procedure 1. Enter http://plds.avaya.com in your Web browser to access the Avaya PLDS website. 2. Enter your login ID and password. 3. On the PLDS home page, select Assets. 4. Click View Downloads. 5. Click on the search icon (magnifying glass) for Company Name. 6. In the %Name field, enter Avaya or the Partner company name.
April 2018 Deploying Avaya Equinox Solution 144 Comments on this document? [email protected] Deploying the Equinox Media Server OVA
7. Click Search Companies. 8. Locate the correct entry and click the Select link. 9. Enter the Download Pub ID. 10. Click Search Downloads. 11. Scroll down to the entry for the download file and click the Download link. 12. In the Download Manager box, click the appropriate download link. Note: The first link, Click to download your file now, uses the Download Manager to download the file. The Download Manager provides features to manage the download (stop, resume, auto checksum). The click here link uses your standard browser download and does not provide the download integrity features. 13. If you use Internet Explorer and get an error message, click the install ActiveX message at the top of the page and continue with the download. 14. Select a location where you want to save the file and click Save. 15. If you used the Download Manager, click Details to view the download progress.
Deploying the Equinox Media Server OVA
Deploying the Equinox Media Server virtual machine About this task The Equinox Media Server virtual machine software for VMware is available in the .OVA package format. You can install the OVA file using vSphere Client. The virtual machine configuration file and virtual disk files are stored on a data store. The data store can be local to the host or a mounted shared storage, such as NFS or SAN. If multiple virtual machine networks are configured on the host ESXi server, you must associate networks specified in the OVA with networks available on the host server. Before you begin • Download the Equinox Media Server OVA to your computer. • Ensure that the VMware ESXi host server software is Release 5.5, 6.0, or 6.5. Procedure 1. Log in to vSphere Client. 2. Select the host ESXi server to deploy the Equinox Media Server virtual machine.
April 2018 Deploying Avaya Equinox Solution 145 Comments on this document? [email protected] Equinox Media Server deployment
If you do not choose a host server before deploying the virtual machine, vSphere Client prompts you for the host or cluster name to deploy the virtual machine. 3. Click File > Deploy OVF Template. 4. Do one of the following to deploy the Equinox Media Server OVF package: • Click Browse and provide the Equinox Media Server OVA file location. • In the Deploy from a file or URL field, enter the full URL of the HTTP server where the Equinox Media Server OVA file is located. 5. Click Next to display the OVF Template Details window. 6. Verify the details of the OVA template, and click Next.
7. Read the license agreement, and click Accept.
April 2018 Deploying Avaya Equinox Solution 146 Comments on this document? [email protected] Deploying the Equinox Media Server OVA
8. Click Next. 9. In the Name field, enter the name of the new virtual machine. 10. Select Inventory Location from the inventory location tree where you want this virtual machine to reside. 11. Select the deployment capacity from the Configuration drop-down list. The deployment capacity must be within the server hardware limits and the license capacity. 12. Click Next to display the Storage window. 13. Select a data store location to store the virtual machine files. Select a data store large enough to accommodate the virtual machine and the virtual disk files. 14. Click Next to display the Disk Format window. 15. Select Thin Provision, and click Next. If the host server has multiple virtual machine networks, vSphere Client displays the Network Mapping window to associate networks specified in the OVA with the networks on the host server. 16. (Optional) From the Destination Network drop-down list, select a network option, and click Next. vSphere Client displays the Properties window. 17. Configure the following IP addresses: • Default Gateway • Public IP Address • Public Netmask This configuration is for the internal network. To configure IP separation, you must configure the secondary IP addresses for the external network in Equinox Management after the deployment. Note: vSphere Client displays the Properties window to configure IP addresses only if you use vCenter. If you do not use vCenter, you must configure the IP addresses in the vSphere console only after the Equinox Media Server virtual machine deployment is complete.
April 2018 Deploying Avaya Equinox Solution 147 Comments on this document? [email protected] Equinox Media Server deployment
18. Click Next to display the Ready to Complete window.
19. Verify the deployment settings, and click Finish. Result vSphere Client starts the Equinox Media Server OVA deployment. Related links Configuring the Equinox Media Server IP addresses using vSphere Client Console on page 149 Configuring the Equinox Media Server network settings on page 167
April 2018 Deploying Avaya Equinox Solution 148 Comments on this document? [email protected] Deploying the Equinox Media Server OVA
Starting the Equinox Media Server virtual machine Before you begin Deploy the Equinox Media Server virtual machine. Procedure 1. Log in to vSphere Client. 2. Click Inventory. 3. Click Virtual Machine > Power > Power On. The Equinox Media Server virtual machine starts.
Configuring the Equinox Media Server IP addresses using vSphere Client Console About this task If you do not use vCenter, you must configure the IP addresses in vSphere Client Console after the Equinox Media Server virtual machine deployment is complete Before you begin Start the Equinox Media Server virtual machine. Procedure 1. Log in to vSphere Client. 2. Click Inventory > Hosts and Clusters.
April 2018 Deploying Avaya Equinox Solution 149 Comments on this document? [email protected] Equinox Media Server deployment
3. Right-click the virtual machine, and click Open Console.
vSphere Client displays the main menu of the console. 4. Type N to configure the network port values. 5. Type 2 to configure the IP addresses. 6. Configure the IP addresses, and type Q to quit the console. Result vSphere Client restarts the virtual machine. Related links Configuring the Equinox Media Server network settings on page 167
April 2018 Deploying Avaya Equinox Solution 150 Comments on this document? [email protected] Deploying Equinox Media Server on AWS
Configuring the virtual machine automatic startup settings on VMware About this task When a vSphere ESXi host restarts after a power failure, the virtual machines that are deployed on the host do not start automatically. You must configure the virtual machines to start automatically. In high availability (HA) clusters, the VMware HA software ignores the startup selections. Before you begin Verify with the system administrator that you have the proper level of permissions to configure the automatic startup settings. Procedure 1. In the Web browser, type the vSphere vCenter host URL. 2. Click Hosts and Clusters or VMs and Templates icon. 3. In the left pane, select the host where the virtual machine is located. 4. Click Configure. 5. Under Virtual Machines, select VM Startup/Shutdown, and click Edit. The system displays the Edit VM Startup and Shutdown window. 6. Select Automatically start and stop the virtual machines with the system. 7. Click OK.
Deploying Equinox Media Server on AWS
Signing in to the Amazon Web Services Management console Before you begin Ensure that you have an AWS account. Procedure 1. In your web browser, type the URL https://aws.amazon.com/. 2. Click Sign In to the Console. The system displays the Amazon Web Service page and auto-populates the Account field. 3. In the User Name field, type the user name or registered email ID.
April 2018 Deploying Avaya Equinox Solution 151 Comments on this document? [email protected] Equinox Media Server deployment
4. In the Password field, type the password. 5. Click Sign In. The system displays the AWS Management Console page.
Creating a key pair About this task A key pair is a set of public and private keys. The public key is used to encrypt data, such as the login password. The private key is used to decrypt the encrypted data. You provide this key pair when you create a CloudFormation stack, and use it for SSH access to the Amazon Machine Instances. Procedure 1. Sign in to the Amazon Web Services Management console. 2. In the left navigation pane, go to NETWORK & SECURITY, and click Key Pairs. 3. Click Create Key Pair. 4. In the Create Key Pair dialog box, in the Key pair name field, type a name for the key pair. 5. Click Create. The system generates a *.pem file and prompts you to save the file on your computer. You can also view the created key pair name in the Key pair name column. 6. Save the *.pem file. Important: When you create a key pair, save it. If you lose the key, you cannot retrieve it and you will not be able to access the instance.
Configuring PuTTY Converting the *.pem file to the *.ppk format Before you begin Download the PuTTYGen software. Procedure 1. Double-click the downloaded puttygen.exe file. 2. In the PuTTY Key Generator dialog box, click Conversions > Import key.. 3. On Load private key, select a .pem file from your local computer, and click Open. The system displays the key in the Key section.
April 2018 Deploying Avaya Equinox Solution 152 Comments on this document? [email protected] Deploying Equinox Media Server on AWS
4. Click Generate. The system takes a few minutes. 5. Click Save private key. Configuring PuTTY for an SSH session Before you begin Convert the *.pem file to the *.ppk format. Procedure 1. Open a PuTTY session for SSH. 2. On the PuTTY Configuration dialog box, in the left navigation pane, click Connections > SSH > Auth. 3. In the Authentication parameters section, click Browse. 4. On Select a private key, select a .ppk file from your local computer, and click Open. Signing in to the Amazon EC2 virtual server instance Before you begin • Convert the *.pem file to the *.ppk format. • Configure PuTTY for an SSH session Procedure 1. Open a PuTTY session for SSH. 2. On the PuTTY Configuration dialog box, in the left navigation pane, click Session. 3. In Host Name (or IP Address), type admin@
Creating a bucket for uploading the OVAs for AMI conversion Procedure 1. Sign in to the Amazon Web Services Management console. 2. Go to Services > Storage, and click S3. The system displays the S3 Management Console page. 3. Click Create bucket. The system displays the Create bucket dialog box. 4. In Bucket name, type a unique bucket name. Only use lowercase letters for the name.
April 2018 Deploying Avaya Equinox Solution 153 Comments on this document? [email protected] Equinox Media Server deployment
5. In the Region field, click a region for your bucket. For more information about creating a bucket and selecting a region, see Amazon S3 Documentation. 6. Click Create.
Uploading the Equinox Media Server OVA Procedure 1. Sign in to the Amazon Web Services Management console. 2. Go to Services > Storage, and click S3. The system displays the S3 Management Console page. 3. From the All Buckets section, select a bucket. 4. Click Upload. The system displays the Upload - Select Files and Folders dialog box. 5. Click Add Files. 6. On the Choose File to Upload dialog box, select the Equinox Media Server OVA file from your local system, and click Open. 7. Click Start Upload.
Creating a Linux Amazon EC2 virtual server instance Procedure 1. Sign in to the Amazon Web Services Management console. 2. Go to Services > Compute, and click EC2. The system displays the EC2 Management Console page. 3. Click Launch Instance. 4. On the Choose an Amazon Machine Image (AMI) page, search for a Linux AMI, and click Select. You must select an image that includes the AWS command line tools. 5. On the Choose an Instance Type page, select an instance type, and click Next: Configure Instance Details. 6. On the Configure Instance Details page, do the following: a. In the Network field, click a VPC network. b. In the Network interfaces section, assign an IP address.
April 2018 Deploying Avaya Equinox Solution 154 Comments on this document? [email protected] Deploying Equinox Media Server on AWS
7. Click Next: Add Storage. 8. On the Add Storage page, leave the default settings, and click Next: Add Tags. 9. On the Add Tags page, add a tag, and click Next: Configure Security Group. 10. On the Configure Security Group page, create a new security group or select an existing security group, and click Review and Launch. 11. On the Review Instance Launch page, review the details of each configuration, and then click Launch. 12. On the Select an existing key pair or create a new key pair dialog box, select one of the following options: • Choose an existing key pair: If you select this option, perform the following: a. From the Select a key pair drop-down list, select a key pair. b. Select the I acknowledge that I have access to the selected private key file (
April 2018 Deploying Avaya Equinox Solution 155 Comments on this document? [email protected] Equinox Media Server deployment
Creating a user access key Procedure 1. Sign in to the Amazon Web Services Management console. 2. Go to Services > Security, Identity & Compliance, and click IAM. The system displays the Welcome to Identity and Access Management page. 3. In the left navigation pane, click Users. 4. Click on a user name. 5. On the Summary page, click the Security Credentials tab. 6. In the Access Keys section, click Create Access Key. The system displays the message: Your access key has been created successfully. Important: When you create a security access key, you must save it. If you lose the security access key, you cannot retrieve it.
Obtaining the virtual server instance user ID Procedure 1. Sign in to the Amazon Web Services Management console. 2. Go to Services > Compute, and click EC2. The system displays the EC2 Management Console page. 3. In the left navigation pane, click Instances. 4. Select a server instance, and click Connect. 5. On the Connect To your Instance page, view the user ID. Example: ssh -i "example.pem" ec2-user@
Importing the OVA for AMI conversion Before you begin • Create an access key. For more information, see “Creating an access key”.
April 2018 Deploying Avaya Equinox Solution 156 Comments on this document? [email protected] Deploying Equinox Media Server on AWS
• Obtain the user id. For more information, see “Obtaining the virtual server instance user id”. • Converting the *.pem file to the *.ppk format and configure PuTTY for establishing an SSH connection. For more information, see “Configuring PuTTY”. Procedure 1. Open an SSH session. 2. In Host Name (or IP address), type the IP Address of the virtual server instance, and click Open. 3. Log in to the Linux server, and run the command: aws. 4. To configure the AWS details, run the command: aws configure, and do the following: a. In AWS Access Key ID, type the AWS access key ID. b. In AWS Secret Access Key, type the AWS secret access key ID. c. In Default region name, type the region name. For example: us-west-2. d. In Default output format, type text or json. 5. To check whether the EC2 instance is ready to use, run the command: aws s3 ls. The system displays the S3 bucket that you created. 6. To view the content of the S3 bucket, run the command: aws s3 ls s3://
April 2018 Deploying Avaya Equinox Solution 157 Comments on this document? [email protected] Equinox Media Server deployment
"Statement":[ { "Effect":"Allow", "Action":[ "s3:ListBucket", "s3:GetBucketLocation" ], "Resource":[ "arn:aws:s3:::
April 2018 Deploying Avaya Equinox Solution 158 Comments on this document? [email protected] Deploying Equinox Media Server on AWS
The conversion process takes up to 30 minutes. You can run the above command repeatedly. When the AMI conversion is successful, the system displays the Status as completed and also displays ImageId. In the following example, the process is at the update stage and is 30% complete. [ec2-user@ip-10-143-10-81 ~]$ aws ec2 describe-import-image-tasks --cli-input- json "{ \"ImportTaskIds\": [\"import-ami-ffgji45r\"], \"NextToken\": \"abc\", \"MaxResults\": 10 } " IMPORTIMAGETASKS CM-Simplex-07.1.0.0.xxx-aws-001.ova import-ami-ffgji45r 30 active updating In the following example, the process is preparing the AMI and is 76% complete. IMPORTIMAGETASKS x86_64 CM-Simplex-07.1.0.0.xxx-aws-001.ova import-ami-ffgji45r BYOL Linux 76 active preparing ami The output format varies depending on the selection of the text or JSON format on the aws CLI configuration. For more details, see “AWS Import your VM as an image” on the AWS website at http:// docs.aws.amazon.com/vm-import/latest/userguide/import-vm-image.html. 10. Sign in to the Amazon Web Services Management console. 11. Go to Services > Compute, and click EC2. The system displays the EC2 Management Console page. 12. In the left navigation pane, click IMAGES > AMIs. You can search the converted AMI with ImageId. The system displays the newly converted AMI ImageId in the AMI ID column. You can give an appropriate name for the AMI ImageId.
Creating an IAM role for the takeover of the floating IP address About this task You need to create the IAM role only once. You can use this IAM role for multiple Amazon EC2 launches to run CLI in AWS accounts. Before you begin Convert the Equinox Media Server OVA to AWS AMI. Procedure 1. Open an SSH session. 2. In the Host Name (or IP address) field, type the IP Address of the virtual server instance, and click Open. 3. Log in to the Linux server. For converting the *.pem file to the *.ppk format and configuring PuTTY for establishing an SSH connection, see “Configuring PuTTY”.
April 2018 Deploying Avaya Equinox Solution 159 Comments on this document? [email protected] Equinox Media Server deployment
4. On the Linux server, run the command: aws. 5. To configure the AWS details, run the command: aws configure. 6. Configure the following fields: • AWS Access Key ID: Type the AWS access key ID. • AWS Secret Access Key: Type the AWS secret access key ID. • Default region name: Type the region name. For example, us-west-2. • Default output format: Type text or json. 7. To create an IAM role, do the following: a. Create a file called
April 2018 Deploying Avaya Equinox Solution 160 Comments on this document? [email protected] Deploying Equinox Media Server on AWS
Result AWS Management Console creates the new IAM role with the instance profile and the associated policies.
Launching an Amazon EC2 instance Procedure 1. Sign in to the Amazon Web Services Management console. 2. Go to Services > Compute, and click EC2. The system displays the EC2 Management Console page. 3. In the navigation pane, click IMAGES > AMIs. 4. Select the product-specific Avaya Aura® AMI, and click Launch.
Deploying the Equinox Media Server AMI Before you begin Convert the Equinox Media Server OVA to AMI. Procedure 1. Sign in to the Amazon Web Services Management console. 2. Go to Services > Compute, and click EC2. The system displays the EC2 Management Console page. 3. In the left navigation pane, click IMAGES > AMIs. The system displays the list of AMIs. 4. Select the Avaya Breeze™ AMI, and click Launch. 5. On the Choose an Instance Type page, select an instance type, and click Next: Configure Instance Details. You must select the correct instance type for deploying the AMI. If you select an incorrect instance type, usability of the system might be impacted. 6. On the Configure Instance Details page, do the following: a. From the Network drop-down list, select a VPC network. b. In the Network interfaces section, configure IP addresses for the eth0 and eth1 devices. • eth0: Configure the management IP address. Use this IP address to start an SSH session.
April 2018 Deploying Avaya Equinox Solution 161 Comments on this document? [email protected] Equinox Media Server deployment
• eth1: Configure the SIP security module IP address. You might have to add the eth1 device. 7. Click Next: Add Storage. AWS Management Console displays the Add Storage page. 8. Configure the required storage based on the Equinox Media Server profile, and click Next: Tag Instance. AWS Management Console displays the Tag Instance page. 9. Type a unique name, and click Next: Configure Security Group. 10. On the Configure Security Group page, create a new security group or select an existing security group, and click Review and Launch. You must select the security group that has the required ports enabled. For information about ports, see the port matrix on the Avaya Support website at http://support.avaya.com/. 11. On the Select an existing key pair or create a new key pair dialog box, select one of the following options: • Choose an existing key pair: If you select this option, perform the following: a. From the Select a key pair drop-down list, select a key pair. b. Select the I acknowledge that I have access to the selected private key file (
April 2018 Deploying Avaya Equinox Solution 162 Comments on this document? [email protected] Deploying Equinox Media Server on AWS
Configuring Equinox Media Server on AWS Before you begin • Deploy the Equinox Media Server AMI. • Ensure the 2/2 checks passed. Procedure 1. Start an SSH session to the Equinox Media Server instance on AWS. Use the management IP address configured on the Configure Instance Details page for the SSH session. 2. Log in to AWS with the cust user credentials. The following are the default login credentials: • Login: cust • Password: cust01. AWS displays a prompt to change the default cust user password 3. Follow the prompts and change the password. AWS displays the Equinox Media Server Server Configuration page. 4. Read EULA, type Y, and press Enter to accept the Avaya software license terms. AWS displays the Equinox Media Server Server Configuration – Management Network page. 5. Configure the following fields: • hostname • server’s IP address • netmask • gateway IP address • network domain Type new values to change the default configuration. Press Enter to keep the default configuration. 6. Type Y and press Enter to save the configuration. AWS displays the Equinox Media Server Server Configuration – DNS page. 7. (Optional) Configure the following fields: • Primary DNS server IP address • Secondary DNS server IP address
April 2018 Deploying Avaya Equinox Solution 163 Comments on this document? [email protected] Equinox Media Server deployment
Type new values to change the default configuration. Press Enter to keep the default configuration. 8. Type Y to save the configuration. AWS displays the Equinox Media Server Server Configuration – PROXY page. 9. Type n, and press Enter. 10. Type Y to save the configuration. AWS displays the Avaya Timezone Selection page. 11. Select a time zone, and press Enter. AWS displays the Equinox Media Server Server Configuration – Date/Time page. 12. Press Enter to keep the default configuration for the following fields: • Date • Time 13. Type Y to save the configuration. AWS displays the Equinox Media Server Server Configuration – NTP page. 14. Press Enter to keep the default configuration. The default configuration uses the AWS NTP servers and an Internet connection through the NAT gateway for the Equinox Media Server node. AWS displays the configuration summary for verification. 15. Type Y to save the configuration. AWS displays the Equinox Media Server Server Configuration — Enable or Disable EASG page. 16. Type one of the following to configure EASG: • 1 to enable EASG. • 2 to disable EASG. AWS displays the Equinox Media Server Server Configuration — Application page. 17. Configure the following fields: • IP address of the System Manager • Enrollment Password AWS configures: • The System Manager components. after you configure the System Manager IP address. • The default firewall rules after you configure the new Enrollment Password. Result AWS starts the Equinox Media Server instance.
April 2018 Deploying Avaya Equinox Solution 164 Comments on this document? [email protected] Equinox Media Server initial configuration
Equinox Media Server initial configuration
Adding Equinox Media Server in Equinox Management About this task Manage Equinox Media Server using Equinox Management. Before you begin Get the following details: • IP address of Equinox Media Server • IP address of the gatekeeper • Location of Equinox Media Server if the deployment has multiple locations. Procedure 1. Log in to Equinox Management. 2. Click Devices. 3. Click Media Servers in the left pane. Equinox Management displays the Media Servers window. 4. Click Add. Equinox Management displays the Add Media Server window. 5. Configure the following fields: • Name • IP Address • Registered To • Location Result Equinox Management adds the Equinox Media Server instance as a device.
Add Media Servers field descriptions
Name Description Name The name of the media server. The name is used to identify specific media server instances in the list of media servers. Table continues…
April 2018 Deploying Avaya Equinox Solution 165 Comments on this document? [email protected] Equinox Media Server deployment
Name Description IP Address The management IP address configured during the installation. Registered To The drop-down list containing the registered gatekeepers. If you select None, you can add the media server to Equinox Management, but the media server will not be connected to the network. Location The location of the media server. The location of the media server is only relevant in deployments with multiple locations.
Adding Equinox Media Server in Equinox Management as a gateway About this task Equinox Media Server as a WebRTC gateway is deployed as a cascaded server of Scopia® Elite 6000 MCU and manages all the WebRTC traffic of conference participants who join conferences using web browsers. Procedure 1. Log in to Equinox Management. 2. Click Devices. 3. Click Gateways in the left pane. Equinox Management displays the Gateways window. 4. Click Add. 5. Configure the following fields: • Name • IP Address • Model • Location Result Equinox Management adds Equinox Media Server as a WebRTC gateway. Related links Adding or updating the Equinox Media Server licenses on page 169
April 2018 Deploying Avaya Equinox Solution 166 Comments on this document? [email protected] Equinox Media Server initial configuration
Add Gateway field descriptions
Name Description Name The name of the WebRTC gateway. The name is used to identify specific media server instances in the list of media servers. IP Address The management IP address configured during the installation. Model The role of the gateway. Avaya WebRTC Gateway is specifically used to configure Equinox Media Server as a gateway for web browser-based conferences. Registered To The drop-down list containing the registered gatekeepers. If you select None, you can add the media server to Equinox Management, but the media server will not be connected to the network. Location The location of the media server. The location of the media server is only relevant in deployments with multiple locations.
Configuring the Equinox Media Server network settings Before you begin • Decide a descriptive name for Equinox Media Server. • If the deployment has multiple locations, get the location of the Equinox Media Server instance. • If you deploy Equinox Media Server as a web collaboration gateway, get FQDN. • Get the network IP addresses of: - NTP server - DNS servers - Default gateway - SIP proxy server Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox Media Server instance. Equinox Management opens the media server window.
April 2018 Deploying Avaya Equinox Solution 167 Comments on this document? [email protected] Equinox Media Server deployment
3. Click the Configuration tab. 4. Configure the network settings. 5. Click Apply.
Configuration field descriptions
Name Description Basic Settings Name The name of the Equinox Media Server instance. Enter a name that indicates the location and working mode of Equinox Media Server. Location The location of Equinox Media Server in the enterprise network. This field is relevant only if there are multiples locations in the deployment. Service FQDN The FQDN of Equinox Media Server. This field is relevant only if you deploy Equinox Media Server as a web collaboration server. In Maintenance The option to change Equinox Media Server to inactive mode for maintenance. In the maintenance mode, you can configure settings and perform upgrades, but you cannot use the Equinox Media Server instance. Secure Connection The option to enable a permanent secure connection between Equinox Media Server and Equinox Management using TLS. You can use this option only if you installed security certificates for TLS. Master Media Server for Cascading The option to set the specified server as the master server when cascading is enabled. When the option is not selected, the media server appears on the Devices page with an icon indicating that it can be designated only as a slave media server during cascading. NTP Settings NTP Server The IP address of the NTP server that sets the time for Equinox Media Server. If there is no NTP server, the value of the field must be 0.0.0.0. Table continues…
April 2018 Deploying Avaya Equinox Solution 168 Comments on this document? [email protected] Equinox Media Server initial configuration
Name Description NTP Time Zone The time zone where the NTP server is configured. Network Settings DNS Server 1 The IP address of the DNS server. DNS Server 2 The IP address of the secondary DNS server. IP Address The IP address of Equinox Media Server Subnet Mask The subnet mask of Equinox Media Server. Default Gateway The default gateway of Equinox Media Server. Local FQDN FQDN of Equinox Media Server. The local FQDN must be identical to the service FQDN. H.323 Settings Required Gatekeeper The drop-down list of the available gatekeepers. Current Gatekeeper The IP address of the current gatekeeper. SIP Settings SIP Proxy Server The IP address of the SIP server. Transport Type The transport protocol of the SIP server. The options are: • TCP • UDP The transport type must be UDP. Turn/Stun Servers The IP address of the session border controller. This field is relevant only if you deploy Equinox Media Server as a WebRTC gateway.
Adding or updating the Equinox Media Server licenses About this task Update license keys when you increase the Equinox Media Server capacity or increase the number of ports with a flexible license. Before you begin • Get the License Authentication Code (LAC) file from the Avaya customer email. • Download the upgrade package at https://plds.avaya.com/. If you upgrade Equinox Media Server to a major version, you need a new license key. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox Media Server instance.
April 2018 Deploying Avaya Equinox Solution 169 Comments on this document? [email protected] Equinox Media Server deployment
Equinox Management displays the Equinox Media Server instance page. 3. Click the Licensing tab.
4. In Update License Key, copy and paste or type the license key. 5. Click Apply. Result Equinox Management activates the new Equinox Media Server license.
Changing the Equinox Media Server working mode Before you begin Add the Media Server license to the Equinox Media Server instance. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox Media Server instance. Equinox Management opens the media server window. 3. Click Change next to Working Mode. You can change the working mode to one of the following two modes: • Full Video + Web Collaboration: This is the default mode. • High Capacity Audio + Web Collaboration
April 2018 Deploying Avaya Equinox Solution 170 Comments on this document? [email protected] Equinox Media Server initial configuration
Equinox Management displays a confirmation message. 4. Click Yes.
Customizing audio messages About this task You can customize the default audio messages. You can upload a single customized audio message or a compressed file containing all the customized messages. Before you upload your customized audio messages, download the existing audio messages pack. You can also use this messages pack to inspect the message file naming convention. Procedure 1. Log in to Equinox Management. 2. Click Settings. 3. On the left pane, click Advanced > Customization. Equinox Management displays the Customization window 4. Click Update, and select the compressed file pack containing the audio messages. The audio messages in the compressed file pack must be in the .wav format and encoded with G.711 (CCITT), 8-bit, 8kHz mono. The file pack must be maximum 3Mb. 5. Click Apply.
April 2018 Deploying Avaya Equinox Solution 171 Comments on this document? [email protected] Equinox Media Server deployment
Secure connection with Equinox Management Creating security certificates About this task TLS certificates, issued by a trusted certification authority, contain the public encryption keys of Equinox Media Server that are used over the network to ensure authentication and encryption of the network connection. Important: Using encryption is subject to local regulation. In some countries it is restricted or limited for usage. For more information, consult your local reseller. Note: Equinox Media Server does not support wildcard certificates. Procedure 1. Log in to Equinox Management. 2. Click Devices, and click the name of the Equinox Media Server instance. Equinox Management displays the Equinox Media Server instance window. 3. Click the Certificate tab. 4. Click Create. Equinox Management displays the Generate CSR window. 5. Configure the following fields: • Common name • Organizational Unit • Organization • City • State • Country Code • Encryption Strategy • Signature Algorithm 6. Click Generate CSR. 7. Click Save to view the certificate. Equinox Management displays the certificate in the Download window. 8. Save the certificate.
April 2018 Deploying Avaya Equinox Solution 172 Comments on this document? [email protected] Equinox Media Server initial configuration
Equinox Management saves the certificate as a CSR file that is compatible with the Base-64 ASCII code. 9. Send the CSR file containing the certificate to the certification authority for signing. Select Web Server as the certificate template when you submit the certificate request. Result The certification authority will send back a signed certificate. Next steps Upload the certificates. Uploading security certificates About this task TLS certificates from CA must be uploaded to Equinox Media Server to ensure authentication and encryption of the network connection. Important: Using encryption is subject to local regulation. In some countries it is restricted or limited for usage. For more information, consult your local reseller. Before you begin Generate the certificates. Procedure 1. Log in to Equinox Management. 2. Click Devices, and click the name of the Equinox Media Server instance. Equinox Management displays the Equinox Media Server instance window. 3. Click the Certificate tab. 4. Click Upload. Equinox Management displays the Upload certificates window. 5. Click Add, and browse to the certificates. Repeat this step for all certificates. Equinox Management displays a confirmation message after each certificate is uploaded. 6. Click Apply All. Result Equinox Media Server automatically restarts.
April 2018 Deploying Avaya Equinox Solution 173 Comments on this document? [email protected] Equinox Media Server deployment
Securing the connection between Equinox Media Server and Equinox Management About this task Equinox Management might restart Equinox Media Server to secure the connection when you change the transport type to TLS. Before you begin Install the security certificates for TLS. Procedure 1. Log in to Equinox Media Server. 2. Click Devices. 3. In the left pane, click Media Servers. Equinox Management displays the Media Servers page. 4. Click the name of the Equinox Media Server instance. Equinox Management displays the Equinox Media Server instance page. 5. Click the Configuration tab. 6. Select the Secure connection check box. 7. Click Test Connection to check the secure connection. Equinox Management displays a confirmation that the test is successful. 8. Click OK. 9. Click Apply. Equinox Management displays a prompt to warn that Equinox Media Server will be restarted and all meetings in progress will be disconnected. 10. Click Yes. Result • Equinox Management restarts Equinox Media Server. • The connection between Equinox Media Server and Equinox Management is secured using TLS.
April 2018 Deploying Avaya Equinox Solution 174 Comments on this document? [email protected] Chapter 9: Scopia Elite 6000 MCU deployment
Scopia Elite MCU overview The Scopia Elite MCU is Equinox Solution’s flagship platform for high definition multi-party videoconferencing. An MCU, or Multipoint Control Unit, connects several endpoints to a single videoconference. It manages the audio mixing and creates the video layouts, adjusting the output to suit each endpoint's capabilities. The MCU harnesses revolutionary processing power for the most demanding videoconferencing applications using the latest DSP technologies. For an uncompromised videoconferencing experience, the MCU supports dual channels of Full HD 1080p at 60 frames per second for video and content, H.264 High Profile for bandwidth efficiency, H.264 Scalable Video Coding (SVC) for high network error resiliency, and full support for many telepresence systems. With the MCU, each videoconference participant receives a quality experience optimized to their individual capabilities, from wireless mobile devices to HD room systems and immersive telepresence systems. The MCU leads in video interoperability, working with the broadest range of video systems on the market from leading UC clients to mobile devices and telepresence systems. The MCU also features a patented, distributed architecture approach known as the Virtual MCU or cascaded videoconferences, which brings unparalleled scalability to its superb videoconferencing experience.
Scopia® Elite 6000 MCU deployment checklist
# Action Link/Notes
1 • Check the site to ensure that the site is See Rack Mounting Guide for Avaya suitable for the Scopia® Elite 6000 Scopia® Elite 6000 MCU MCU server installation. • Unpack the Scopia® Elite 6000 MCU server and check for damages. Table continues…
April 2018 Deploying Avaya Equinox Solution 175 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
# Action Link/Notes
• Add a power supply unit to the Scopia® Elite 6000 MCU server. • Mount the Scopia® Elite 6000 MCU server onto the rack. • Connect the power and serial cables to the Scopia® Elite 6000 MCU server. 2 Configure the Scopia® Elite 6000 MCU IP See Configuring the Device IP addresses and IP separation. Addresses on page 182 and Configuring IP separation on page 187 3 Configure the ports on Scopia® Elite See Configuring Ports on All Models of 6000 MCU the MCU on page 191 4 Verify the installation of the Scopia® Elite See Verifying the Installation on 6000 MCU server page 197
Technical specifications This section details the system specifications of the MCU you purchased. Refer to this data when preparing system setup and afterwards as a means of verifying that the environment still complies with these requirements. Hardware requirements The following table refers to the physical details of the device:
Table 17: Physical device specifications
Scopia Elite MCU 6105, 6110 Scopia Elite MCU 6140 and 6120 System power requirements Input 100-240 VAC, 50/60 Hz 100-240 VAC, 50/60 Hz with hot- swap redundant AC power supply and feed (optional) AC Input 600W output @ 100-240V, 7.5A, 1000W output @ 100-120V, 50-60Hz 12-10A, 50-60Hz 1200W output @ 120-140V, 12-10A, 50-60Hz 1800W output @ 200-240V, 10-8.5A, 50-60Hz Maximum power consumption at 200W, 250VA (682 BTU/h) 360W, 450VA (1228 BTU/h) 35°C Table continues…
April 2018 Deploying Avaya Equinox Solution 176 Comments on this document? [email protected] Technical specifications
Scopia Elite MCU 6105, 6110 Scopia Elite MCU 6140 and 6120 Environmental requirements Operating temperature 10°C to 35°C (50°F to 95°F) Relative humidity 5% to 90% non-condensing Storage and transit temperature -40°C to 70°C (-40°F to 158°F), ambient Acoustics Low noise fan speed control Physical requirements Dimensions Width: 437mm (17.2"); height: Width: 437mm (17.2"); height: 43mm (1.7"); depth 664mm 43mm (1.7"); depth: 790mm (26.1") (31.1") Approximate net weight 11kg (24.25lbs) 14.5kg (32lbs) with one power supply Approximate gross weight (with 21kg (46.3lbs) 23kg (50.7lbs) packaging) Rack mounting 19-inch rack-mountable with flanges
Software Specifications The technical specifications of the protocols and software requirements apply to all Scopia® Elite 6000 MCU models: • Signaling protocols: - H.323 - SIP • Audio support: - Codecs: G.711. G.722, G.722.1, G.729, G.722.1 Annex C - DTMF tone detection (in-band, H.245 tones and RFC2833) • Video support: - High Definition Continuous Presence video with a resolution of 1080p at up to 60fps - Codecs: H.263, H.263+, H.264, H.264 SVC, H.264 High Profile - Live video resolutions: CIF up to 1080p - Presentation video resolution: VGA, SVGA, SXGA, XGA, 720p, 1080p, WUXGA - Video bandwidth: up to 12Mbps for 1080p resolutions and up to 6Mbps for 720p or lower • Web browser support: - Microsoft Internet Explorer version 6 and later - Microsoft Edge - Mozilla Firefox version 3.3 and later - Google Chrome
April 2018 Deploying Avaya Equinox Solution 177 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
- Apple Safari
About the Capacity of the MCU The MCU's capacity is measured in terms of the maximum number of simultaneous connections to a videoconference supported by this device. The impact of a connection on the MCU's capacity depends on the bandwidth of the connection, which in turn is dependent on the resolution and frame rate of that connection. Therefore the same meeting can support a mix of HD and SD connections. For example, a connection at 1080p at 30fps or 720p at 60fps uses half the capacity of a 1080p connection at 60fps. Similarly, a connection at 480p at 30fps uses a quarter of the resources of a 1080p connection at 30fps, or one-eighth of the resources of a 1080p 60fps connection.
Figure 87: A connection uses its proportion of resources on the MCU
Important: To enable connections at 720p at 30fps to use half the capacity of a 1080p 30fps connection, install the Double Capacity license. The following table details the number of simultaneous connections available for each of the devices when all the connections have the same video resolution and frame rate.
April 2018 Deploying Avaya Equinox Solution 178 Comments on this document? [email protected] Ports to Open for the Scopia® Elite 6000 MCU
Table 18: Number of simultaneous connections available at different video quality settings
Scopia® Elite 6000 1080p at 60fps 1080p at 30fps, 720p at 30fps 480p at 30fps MCU Model 720p at 60fps, (with double 720p at 30fps capacity license) (no double capacity license) Scopia Elite MCU 6105 3 5 10 20 Scopia Elite MCU 6110 5 10 20 40 Scopia Elite MCU 6120 10 20 40 80 Scopia Elite MCU 6140 20 40 80 160
Important: You can increase the device's capacity at any resolution (including 1080p at 60fps) to the same capacities listed under 480p by enabling Switched Video in the meeting type (or service). For more information on enabling switching, see Administrator Guide for Avaya Scopia® Elite 6000 MCU. However, if you encrypt the media and enable switching in the same MCU service, the resolution may be dynamically lowered slightly in some cases, but overall MCU capacity remains constant. If you want to limit the resolution and frame rate of all connections to a meeting, define a meeting type (MCU service) in the MCU and place the limit there. For more information, see Administrator Guide for Avaya Scopia® Elite 6000 MCU. Alternatively, you can limit the bandwidth using the global bandwidth policies in Equinox Management. Audio ports capacity Audio ports capacity is exclusive of the video ports capacity.
Scopia® Elite 6000 MCU Model Audio ports Scopia Elite MCU 6105 20 Scopia Elite MCU 6110 40 Scopia Elite MCU 6120 80 Scopia Elite MCU 6140 160
Ports to Open for the Scopia® Elite 6000 MCU The Scopia® Elite 6000 MCU is typically located in the enterprise network and is connected to the DMZ. When opening ports on the Scopia Elite MCU, use the following as a reference: • If you are opening ports that are both in and out of the Scopia® Elite 6000 MCU, see Table 19: Bidirectional Ports to Open on the Scopia® Elite 6000 MCU on page 180.
April 2018 Deploying Avaya Equinox Solution 179 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
• If you are opening ports inbound to the Scopia® Elite 6000 MCU, see Table 21: Inbound Ports to Open to the Scopia® Elite 6000 MCU on page 182. Important: The specific firewalls you need to open ports on depends on where your MCU and other Equinox Solution products are deployed.
Table 19: Bidirectional Ports to Open on the Scopia® Elite 6000 MCU
Port Range Protoc Destination Functionality Result of Blocking Required ol Port 1024-1324 H.245 Any H.323 Enables H.245 Cannot connect H. Mandatory (TCP) device signaling 323 calls To configure, see Configuring the TCP Port Range for H.245 on Scopia® Elite 6000 MCU on page 192 1719 RAS H.323 Enables RAS Cannot Mandatory (UDP) gatekeeper signaling communicate with H. To configure, see 323 gatekeeper Configuring the UDP port for RAS on Scopia® Elite 6000 MCU on page 194 and Configuring the UDP port for the gatekeeper on Scopia® Elite 6000 MCU on page 194 1720 Q.931 Any H.323 Enables Q.931 Cannot connect H. Mandatory (TCP) device signaling 323 calls To configure, see Configuring the TCP port for Q.931 on Scopia® Elite 6000 MCU on page 195 3336 XML Conference Enables you to Cannot use MCU Mandatory if deployed (TCP) Control web manage the MCU Conference Control with Equinox client via the XML API web user interface. Management endpoint, Cannot use XML Equinox API to control MCU. Managemen t, or third- party controlling applications 3337 XML Other MCUs Enables use of Cannot cascade Mandatory if multiple (TCP) MCU Cascading between two MCUs MCUs are deployed with XML API Equinox Management Table continues…
April 2018 Deploying Avaya Equinox Solution 180 Comments on this document? [email protected] Ports to Open for the Scopia® Elite 6000 MCU
Port Range Protoc Destination Functionality Result of Blocking Required ol Port 3338 XML Equinox Enables you to Cannot configure Mandatory if deployed (TCP) Managemen configure the MCU via the XML with Equinox t, or third- MCU via the XML API Management party API configuration applications 3400-3580 SIP Any SIP Enables SIP Cannot share SIP Mandatory if using BFCP video content sharing contents content sharing with SIP (TCP) network over TCP device To configure, see Configuring the TCP port range for SIP BFCP on Scopia® Elite 6000 MCU on page 196 5060 SIP Any SIP Enables SIP Cannot connect SIP Mandatory if using SIP (TCP/ video signaling calls over TCP/ UDP UDP) network To configure, see device Configuring the TCP, UDP, and TLS port for SIP on page 196 5061 SIP Any SIP Enables secure Cannot connect SIP Mandatory if using SIP (TLS) video SIP signaling calls over TLS over TLS network To configure, see device Configuring the TCP, UDP, and TLS port for SIP on page 196 12000-13200 RTP/ Any H.323 Enables real-time Cannot transmit/ Mandatory RTCP/ or SIP delivery of video receive video media 16384-16984 To configure, see SRTP media- and audio media streams Configuring the UDP port (UDP) enabled ranges for RTP/RTCP on video Scopia® Elite 6000 network MCU on page 192 device
Table 20: Outbound ports to open from Scopia® Elite 6000 MCU
Port range Protocol Destination Function Result of Required blocking port 162 SNMP (UDP) Equinox Enables sending Cannot send Recommended Management or SNMP trap SNMP traps any SNMP events manager station 53 DNS (TCP/UDP) DNS server Enable querying DNS is disabled Mandatory DNS for FQDN
April 2018 Deploying Avaya Equinox Solution 181 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
Table 21: Inbound Ports to Open to the Scopia® Elite 6000 MCU
Port Protocol Destination Functionality Result of Blocking Required Range Port 21 FTP FTP Server Enables audio stream Cannot record audio Optional (TCP) recording streams 22 SSH SSH Client Enables you to view Cannot view logs in Optional (TCP) logs real-time (logs are collected on the compact flash card) 80 HTTP Web client Provides access to the Cannot configure Mandatory if using (TCP) MCU Administrator and MCU HTTP Conference Control web To configure, see user interfaces; used for Configuring the software upgrade HTTP port on Scopia® Elite 6000 MCU on page 193 443 HTTPS Web client Provides secure access Cannot configure Mandatory if using (HTTP to the MCU MCU HTTPS over Administrator and SSL) Conference Control web user interfaces; used for software upgrade
Configuring the IP addresses About this task The MCU supports the following format of IP addresses: • IPv4 (default) • Both IPv4/IPv6 (Internet Protocol Version 6). This dual mode allows deploying servers using both protocols in your solution. Caution: The device is shipped with a static IPv4 address, which might conflict with an existing address on your network. Configure the MCU to its new IPv4 address before connecting the MCU to the network. You can add an IPv6 address if necessary, after the MCU has its new IPv4 address. This procedure describes how to configure the management IP address on the left-hand NIC port (see Figure 88: Rear panel of the device on page 183). Use this address to access the MCU web interface.
April 2018 Deploying Avaya Equinox Solution 182 Comments on this document? [email protected] Configuring the IP addresses
Before you begin Make sure you have these items: • Dedicated IP address for the device • Dedicated subnet mask for the device • IP address of the default router which the device uses to communicate over the network • A PC with an available serial port. It should have a terminal emulator software installed like SecureCRT or PuTTY. • Power, network, and serial cables supplied with the device accessories kit. You must choose how you want to deploy the two network ports of this device: network redundancy or IP separation. By default, the NICs are paired as a primary NIC and a redundant NIC. To separate them into media and management (IP separation) first define the IP address of both NICs as detailed in this section, and then perform the IP separation. Use the serial port on the back panel of the device to connect it directly to a PC to assign an IP address. You must assign the IP address before you connect the device to the network. Procedure 1. Connect the power cable, but do not switch on the device.
Figure 88: Rear panel of the device 2. Connect the device serial port to a PC with the terminal emulator software installed. 3. Start the terminal emulation application on the PC. 4. Set the communication settings in the terminal emulation application on the PC as follows (Table 22: Configuring the communication settings on page 184):
April 2018 Deploying Avaya Equinox Solution 183 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
Table 22: Configuring the communication settings
Field Name Value Baud Rate 9600 Data bits 8 Parity None Stop bits 1 Flow Control None 5. Power the device (see Figure 89: Device front panel on page 184). Verify the power LED is lit green (Figure 89: Device front panel on page 184).
Figure 89: Device front panel
April 2018 Deploying Avaya Equinox Solution 184 Comments on this document? [email protected] Configuring the IP addresses
A log of the auto-boot events is displayed in the terminal emulator. 6. When the message Press any key to start configuration appears on the screen, press a key and wait for the following message: Main menu Main Menu N: Configure network port values R: Restore factory defaults Q: Quit
Select: Main menu N: Configure network port values R: Restore to factory defaults T: Set the XML connection mode to TCP (Reboot is not required) S: Set Board Security Level Q: Quit If you do not see this output, contact customer support. 7. Enter N at the prompt to configure network port values. The terminal displays the following message: Configure network port values 1: Show current network configuration 2: Change network configuration 0: Return to main menu
Select: 8. Enter 2 to change the network configuration. 9. Enter the new settings at each prompt (Table 23: Configuring network settings on page 185).
Table 23: Configuring network settings
Field Description IP Address IP address of the device Subnet mask IP address of the subnet mask to which the device belongs. If you are not using a subnet mask, press Enter. Default router IP address of the default router the device uses to communicate over the network
Important: The new settings configure both NICs since they are paired by default as a primary NIC and a redundant NIC. 10. Allow the device to complete the reboot process. A new emulator session begins. 11. Close the terminal emulator session.
April 2018 Deploying Avaya Equinox Solution 185 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
12. Connect the network cable to the ethernet connector on the rear panel of the device. Use one of the following connections: • If you do not need network redundancy or IP separation, connect the network cable either to NIC1 or to NIC2. • To achieve network redundancy, connect a network cable routed from the same switch to each NIC. • To achieve IP separation for separating management and media traffic, connect NIC1 to the management subnet and NIC2 to the media and signaling subnet. For more information, see Configuring IP separation on page 187. 13. (Recommended) Set the network switch to 1Gbps Auto Negotiation full duplex, if it can support this configuration. The throughput of the network switch should always be the same as the setting in the MCU, whose default value is also 1Gbps. You can change the default value from the MCU administrator web interface by navigating to Configuration > Network > Port Settings (Figure 90: Configuring the MCU throughput on page 186).
Figure 90: Configuring the MCU throughput 14. To configure the following IPv6 and DNS server IP addresses, navigate to Configuration > Network (Figure 90: Configuring the MCU throughput on page 186). • IPv6 Address > Set manually > Primary IP address • DNS server 1 • DNS server 2
April 2018 Deploying Avaya Equinox Solution 186 Comments on this document? [email protected] Configuring IP separation
If you do not configure valid IP addresses for the DNS servers, you might face SIP call disconnections. 15. Select Apply at the bottom of the page. 16. Make sure no videoconferences are running on the MCU, and select Yes to restart the device.
Configuring IP separation About this task You can configure IP separation on each network port (dual-NIC), improving security by placing the management data on a separate subnet from the media and signaling traffic. Separating these types of data on different subnets improves security because management data typically remains on subnets within the enterprise, while the media of video calls is often required to traverse firewalls and reach endpoints outside the enterprise. Management refers to the administration messages sent between components of the Equinox Solution as they manage and synchronize data between them. Management also includes front- end browser interfaces configuring server settings on the server. Management messages are usually transmitted via protocols like HTTP, SNMP, FTP or XML. For example, Equinox Management uses management messages to monitor the activities of an MCU/Media Server, or when it authorizes the MCU/Media Server to allow a call to proceed. Media refers to the live audio, video and shared data streams sent during a call. Presentation and Far end camera control (FECC) are examples of information carried on the data stream. Media is transmitted via the RTP and RTCP protocols in both SIP and H.323 calls. The parallel data stream of both live video and presentation, is known as dual video. Signaling, also known as call control, sets up, manages and ends a connection or call. These messages include the authorization to make the call, checking bandwidth, resolving endpoint addresses, and routing the call through different servers. Signaling is transmitted via the H. 225.0/Q.931 and H.225.0/RAS protocols in H.323 calls, or by the SIP headers in SIP calls. Signaling occurs before the control aspect of call setup. Before you begin • You must choose how you want to deploy the two network ports of this device: network redundancy or IP separation. By default, the NICs are paired as a primary NIC and a redundant NIC. To separate them into media and management (IP separation) first define the IP address of both NICs, and then perform the IP separation. • Make sure you have the management interface IPv4 addresses ready for use: Management IP Address, Management Router, Management Subnet Mask. • Make sure you have the IPv4 addresses of the media and signaling interface ready for use: Media/Signaling IP Address, Media/Signaling Router, Media/Signaling Subnet Mask. • If you need management access from another branch with its own network, make sure you have the IPv4 address of that branch ready for configuration.
April 2018 Deploying Avaya Equinox Solution 187 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
• Make sure no videoconferences are running on the MCU, as you need to restart it at the end of the procedure. Procedure 1. If you previously had the MCU in a redundant dual-NIC setup and now you want to use to use dual NIC for IP separation, disconnect the network cables from the network switch. 2. Connect the network cable of the management subnet to the left ethernet port (NIC1).
Figure 91: The device's management connections
Important: Do not connect the network cable of the media subnet until you restart the device at the end of this procedure. 3. Log in to Equinox Management. 4. Click Devices. 5. In the left pane, click Media Servers. 6. Click the name of the media server instance. Equinox Management displays the page of the media server instance. 7. In the Info tab, click the IP address of the media server. Equinox Management display the management UI in a new window.
8. Select the Configuration tab. 9. Select the IP Separation check box to expand that section of the page.
April 2018 Deploying Avaya Equinox Solution 188 Comments on this document? [email protected] Configuring IP separation
Figure 92: Configuring IP separation with two network connections 10. Configure the IP addresses of each interface.
Table 24: Configuring the IP addresses of each network interface
Field Description Management IP address IP address of the MCU management interface (left ethernet port) as configured via serial port. This is the IP used to access this web interface. Management router IP address of the management subnet router Management subnet mask IP address of the management subnet mask Media/Signaling IP address IP address of the MCU media and signaling interface (right ethernet port belonging to a different subnet) Media/Signaling router IP address of the media and signaling subnet router Media/Signaling subnet mask IP address of the media and signaling subnet mask 11. Select Apply at the bottom of the page. 12. Select Yes to restart the MCU. 13. Connect the network cable of the media subnet cable to the right ethernet port (NIC2).
April 2018 Deploying Avaya Equinox Solution 189 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
Figure 93: The device's media and signaling connections 14. (Optional) Depending on your deployment, you may need to access the MCU management interface from another network. For example, if your MCU is located on network 123.0.0.0 and your browser is on the same network (123.0.0.0), you can access the administrator web interface to reach this web page. You can then configure IP separation of management and media as detailed in this procedure, where management communications stay in this network (123.0.0.0) while media is routed to a different network: 133.0.0.0. However, if you need management access from another branch with its own network, for example 153.0.0.0, you can configure the 153.0.0.0 management traffic to be routed via 123.0.0.0, and then onwards to 153.0.0.0.
Figure 94: Example of additional management network
Use the following steps to configure an additional management network: a. Select More at the bottom of the expanded section. The Additional Management Networks section opens. b. Select Add Management Network. c. Configure the access to the MCU management subnet.
April 2018 Deploying Avaya Equinox Solution 190 Comments on this document? [email protected] Configuring Ports on All Models of the Scopia Elite MCU
Figure 95: Adding a new network for management access
Table 25: Configuring the additional network interfaces
Field Description IP address IP address of the additional network to access the management of the MCU Subnet mask IP address of the additional management subnet mask d. Select OK.
Configuring Ports on All Models of the Scopia Elite MCU This section provides instructions of how to configure the following ports and port ranges on all models of the Scopia Elite MCU: Related links Configuring the UDP port ranges for RTP/RTCP on Scopia® Elite 6000 MCU on page 192 Configuring the TCP Port Range for H.245 on Scopia® Elite 6000 MCU on page 192 Configuring the HTTP port on Scopia® Elite 6000 MCU on page 193 Configuring the UDP port for RAS on Scopia® Elite 6000 MCU on page 194 Configuring the UDP port for the gatekeeper on Scopia® Elite 6000 MCU on page 194 Configuring the TCP port for Q.931 on Scopia® Elite 6000 MCU on page 195 Configuring the TCP, UDP, and TLS port for SIP on page 196 Configuring the TCP port range for SIP BFCP on Scopia® Elite 6000 MCU on page 196
April 2018 Deploying Avaya Equinox Solution 191 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
Configuring the UDP port ranges for RTP/RTCP on Scopia® Elite 6000 MCU About this task Scopia® Elite 6000 MCU uses 360 ports for audio and 1080 ports for video. It has the following designated UDP port ranges for RTP/RTCP: • Video: 12000 to 13200 • Audio: 16384 to 16984 Important: Do not reduce the number of UDP ports that Scopia® Elite 6000 MCU uses for RTP/RTCP. The number of UDP ports required for RTP/RTCP is fixed. You can determine the exact port numbers that Scopia® Elite 6000 MCU uses by defining the lower-end of the port range called the Base port. Procedure 1. Log in to Avaya Equinox Management. 2. Click Devices, and select the Scopia® Elite 6000 MCU instance. 3. Click Configuration > Advanced Parameters. Equinox Management opens the Restore window. 4. Click one of the following port entries: • Video Base Port • Audio Base Port 5. Type the new lower-end port number in the Value field. 6. Click Apply. 7. Click Close. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Configuring the TCP Port Range for H.245 on Scopia® Elite 6000 MCU About this task Scopia® Elite 6000 MCU uses 300 ports. It has a TCP port range of 1024 to 1324 ports designated for H.245. You can set the Base port, which is the lower end of the TCP port range. H.245 is a control channel protocol used for multimedia communication. This protocol processes transfer of
April 2018 Deploying Avaya Equinox Solution 192 Comments on this document? [email protected] Configuring Ports on All Models of the Scopia Elite MCU
information about the device capabilities and opening and closing of the logical channels that carry media streams. Procedure 1. Log in to Avaya Equinox Management. 2. Click Devices, and select the Scopia® Elite 6000 MCU instance. 3. Click Configuration > Advanced Parameters. 4. Click Click > More. 5. Type the following command in the Command field: h245baseport To see the current port number, click Execute. 6. Type the port number in the Value field. 7. Click Execute. 8. Click Close. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Configuring the HTTP port on Scopia® Elite 6000 MCU About this task Scopia® Elite 6000 MCU has port 80 designated for HTTP. You can also configure port 20 for HTTP. Note: If you configure a new HTTP port on Scopia® Elite 6000 MCU, update the new port number in the Scopia® Elite 6000 MCU URL to gain access to the web server. For example, if your new HTTP port value is 8080, type http://
April 2018 Deploying Avaya Equinox Solution 193 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
Important: After selecting Execute, a warning message appears, notifying you that the unit will be reset and any active conferences will be disconnected. Avaya Equinox Management displays a message warning that Scopia® Elite 6000 MCU will be reset and all active conferences will be disconnected. 8. Click Yes to continue. 9. Click Close. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Configuring the UDP port for RAS on Scopia® Elite 6000 MCU About this task Scopia® Elite 6000 MCU has port 1719 designated for RAS. You can configure a different port for RAS. Port 1719 is also used to communicate with the gatekeeper. If you configure this port for RAS, you must configure a different port for the gatekeeper. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Scopia® Elite 6000 MCU instance. 3. Click Configuration > Advanced Parameters. 4. Click the H323 RAS port number entry. 5. Type the port number in the Value field. 6. Click Apply. 7. Click Close. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Configuring the UDP port for the gatekeeper on Scopia® Elite 6000 MCU About this task Scopia® Elite 6000 MCU has designated port 1719 for gatekeeper use. You can configure a different port to enable communication with the gatekeeper (for example, if port 1719 is busy). Port 1719 is also used for RAS (to configure the UDP port for RAS, see Configuring the UDP port for RAS on Scopia® Elite 6000 MCU on page 194).
April 2018 Deploying Avaya Equinox Solution 194 Comments on this document? [email protected] Configuring Ports on All Models of the Scopia Elite MCU
Important: If you close port 1719, you must configure another port for both the gatekeeper and RAS. If you configure a different port for the gatekeeper, you do not need to configure a different port for RAS. Procedure 1. Log in to Equinox Management. 2. Click Devices. 3. In the left pane, click Media Servers. 4. Click the name of the media server instance. Equinox Management displays the page of the media server instance. 5. In the Info tab, click the IP address of the media server. Equinox Management displays the management UI in a new window. 6. Click the Configuration > Protocols tab. 7. In the Enable H.323 protocol section, enter the port value in the Gatekeeper port field. (Figure 96: H.323 Protocol section of the Protocols tab on page 195).
Figure 96: H.323 Protocol section of the Protocols tab 8. Click Apply. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Configuring the TCP port for Q.931 on Scopia® Elite 6000 MCU About this task Scopia® Elite 6000 MCU has port 1720 designated for Q.931. You can configure a different port for Q.931. Q.931 is a telephony protocol used for establishing and terminating the connections in H.323 calls. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Scopia® Elite 6000 MCU instance.
April 2018 Deploying Avaya Equinox Solution 195 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
3. Click Configuration > Advanced Parameters. 4. Click H323 SIG port number entry. 5. Type the port number in the Value field. 6. Click Apply. 7. Click Close. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Configuring the TCP, UDP, and TLS port for SIP About this task Scopia® Elite 6000 MCU has ports 5060 and 5061 designated for SIP. You can configure a different port for SIP. Procedure 1. Log in to Equinox Management. 2. Click Devices, and click the name of the Scopia® Elite 6000 MCU instance. Equinox Management displays the Scopia® Elite 6000 MCU instance page. 3. Click the Configuration tab. 4. In SIP Settings, configure the following fields: • SIP Proxy Server • Transport Types: Choose UDP or TCP if you do not want to secure the SIP data traffic; choose TLS to secure the SIP traffic. If you choose TLS, you must install TLS certificates for encryption and authentication of the SIP traffic. 5. Click Apply. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Configuring the TCP port range for SIP BFCP on Scopia® Elite 6000 MCU About this task Scopia® Elite 6000 MCU has a TCP port range of 3400 to 3580 designated for SIP BFCP. BFCP is a protocol which coordinates shared videoconference features in SIP calls, often used by one participant at a time. For example, when sharing content to others in the meeting, one participant is designated as the presenter, and is granted the floor for presenting. All endpoints must be aware that the floor was granted to that participant and react appropriately.
April 2018 Deploying Avaya Equinox Solution 196 Comments on this document? [email protected] Verifying the MCU Equinox H.323 Edge Installation
The number of ports required for SIP BFCP is fixed. You can determine the exact port numbers that Scopia® Elite 6000 MCU uses by defining the lower-end of the port range called the Base port. Procedure 1. Log in to Avaya Equinox Management. 2. Click Devices, and select the Scopia® Elite 6000 MCU instance. 3. Click Configuration > Advanced Parameters. 4. Click the SIP BFC Base Port entry. 5. Type the new lower-end port number in the Value field. 6. Click Apply. 7. Click Close. Related links Configuring Ports on All Models of the Scopia Elite MCU on page 191
Verifying the MCU Equinox H.323 Edge Installation About this task After you installed the device and performed its initial configuration, you need to verify that it is installed and configured correctly. Procedure 1. On the front panel, verify that the power LED is lit green.
April 2018 Deploying Avaya Equinox Solution 197 Comments on this document? [email protected] Scopia Elite 6000 MCU deployment
Figure 97: Locating the front panel LEDs 2. Verify that the status LED is lit green (selected models only). 3. Check the network connection by verifying that the Ethernet activity LED is lit green. 4. Verify the device is ready for use by creating a videoconference: a. From an endpoint dial the MCU IP address. The MCU Auto-Attendant service plays the video and audio prompts. b. Press 0 to create a new videoconference. c. At the prompt, enter the meeting ID followed by #. The MCU creates the conference and opens the Conference window.
April 2018 Deploying Avaya Equinox Solution 198 Comments on this document? [email protected] Verifying the MCU Equinox H.323 Edge Installation
d. Exit the conference by disconnecting the call. 5. Verify the device is ready. a. Configure this MCU in Equinox Management as explained in Administrator Guide for Avaya Equinox Management. b. Take other MCUs offline (if any) to make sure you hold the videoconference on this MCU. c. From an endpoint dial the IP address (or the Auto-Attendant number if configured). d. Press 0 to create a new conference. e. At the prompt, enter the meeting ID followed by #. The MCU creates the videoconference. If it is successful, the MCU is properly installed and configured. You can view the videoconference status in these pages: • The MCU's Status Map which shows the connection to Equinox Management and conference use statistics.
Figure 98: The MCU Status Map • The Equinox Management Dashboard which shows the details of the current videoconference.
Figure 99: The Equinox Management Dashboard status f. Exit the videoconference by disconnecting the call.
April 2018 Deploying Avaya Equinox Solution 199 Comments on this document? [email protected] Chapter 10: Avaya Aura deployment
Deploying Avaya Aura components The following table lists the related documents for Avaya Aura components that are part of the Team Engagement deployment. Download the documents from http://support.avaya.com. Each document has a Documentation chapter with a list of other related documents that will help you in the deployment. The Avaya Support website also includes the latest information about product compatibility, ports, and Avaya Aura® releases.
Title Description Avaya Aura® Session Manager Overview and Describes the key features of Session Manager Specifications (SM) and of the co-resident option, Avaya Aura Device Services (AADS) Avaya Aura® System Manager Overview and Describes the key features of System Manager Specification (SMGR). Deploying and Updating Avaya Aura® Media Server Describes the deployment, updates and Appliance troubleshooting of Avaya Aura® Media Server appliances deployed in the VMware® virtualized environment or on Avaya Common Server. Can function as a WebRTC to SIP gateway for converting from WebRTC media to SIP-friendly media and support video codec transcoding as well. Avaya WebRTC Snap-in Reference Describes the Avaya WebRTC Snap-in. Enables users inside or outside the Enterprise to make a secure call from their web browser to any endpoint to which Avaya Aura® can deliver calls. Avaya Aura® Communication Manager Overview Describes the key features of Communication and Specification Manager. Avaya Aura® Presence Service Overview and Describes the key features of Presence Services. Specification Avaya Multimedia Messaging Overview and Describes the Avaya Multimedia Messaging product Specification and its features, as well as technical requirements for the server.
April 2018 Deploying Avaya Equinox Solution 200 Comments on this document? [email protected] Chapter 11: Migrating from Avaya Aura to Avaya Equinox
Introduction to migrating AAC8 data This section is intended for Avaya Aura Conferencing 8.0 (AAC8) customers who need to migrate their deployment data to OTT or TE Equinox Solutions, Release 9.0. Important: To migrate from AAC8 to Release 9.1, first migrate to Release 9.0. Then, upgrade to Release 9.1. For the latest information on upgrading, see the Administrator Guide for Avaya Equinox Management or the Avaya Equinox Management Release Notes on https:// support.avaya.com/downloads. There are four types of data migration:
Migration type Description AAC8 data to non-Aura Equinox For migrating data of Avaya Aura Conferencing Turnkey solution to OTT Equinox Solution Aura AAC8 data to non-Aura Equinox For migrating data of Avaya Aura Conferencing and Avaya Aura environment to OTT Equinox Solution Aura AAC8 to Aura Equinox For migrating data of Avaya Aura Conferencing and Avaya Aura to TE Equinox Solution AAC8 to Aura Equinox For migrating data of Avaya Aura Conferencing Turnkey solution to TE Equinox Solution
Avaya has created a migration tool for migrating users and conferencing data. The migration tool has these functionalities: • Simple Java Standalone application distributed as JAR file. • Uses AAC8 OPI to export data, and Equinox XML API to import data. • Converts AAC8 entities to Equinox entities. • Stores AAC8 raw data in the Equinox database, for future usage The following content is migrated • Only User Basic Data and User Conference Data are migrated.
April 2018 Deploying Avaya Equinox Solution 201 Comments on this document? [email protected] Migrating from Avaya Aura to Avaya Equinox
• User Basic Data are settings like first name, last name, email, phone, login. The data is mapped to the Equinox User entity. • User Conference Data are conference specific settings like access codes, waiting room checkbox, recording checkbox, maximum number of participants. The data is mapped to the Equinox Virtual Room entity. • Two types of user are considered: Local users and LDAP users. For LDAP users, only User Conference Data is migrated. User Basic Data is already synchronized and no update is required.. • AAC8 has up to two conference rooms per user (primary and secondary profile), Equinox can have many conference rooms if license allows it. If the Equinox license allows only one VRM, AAC8 and user already have one VRM, In this case, the AAC8 conference room is not migrated at all and the system displays a warning. • User locations are not migrated. AAC8 and Equinox location usage differs so they do not map well. Users locations are set as AUTO so other Equinox rules will be applied to determine location For migration to non-Aura Equinox data is migrated directly from AAC8 to Equinox Management. For migration to Aura Equinox, data is also migrated directly from AAC8 to Equinox Management for Release 9.0. In future releases, data will be migrated through Aura System Manager (SMGR). The tool generates XML files for the SMGR bulk import tool so all required data are imported to SMGR, and SMGR pushes all required data to Equinox Management. The current version of Equinox SMGR Extension Pack (EP) does not support bulk import yet. The tool generates XML files which cannot be used for now. The only limitation with direct import is that the SMGR user profile will not have the Equinox profile checkbox set and the administrator should be aware of this. When the Equinox SMGR EP bulk import tool is ready, those XML files can be used with the Merge option so the Equinox profile will be populated on SMGR as well. Migration of user base profiles The migration tool imports existing user fields from AAC User Base Profiles, creates users on Equinox Management, and opens Virtual Meeting Rooms (VMRs).
Data field name in AAC Description Mapping in Equinox Management Aura Login Name Aura Login Name User - Login ID User - Email if User's Email in AAC is empty Cell Phone Cell Phone Number User - Cell Phone Email User Email Address User - Email First Name User First Name User - First Name Virtual Room - User First Name Last Name User Last Name User - Last Name Virtual Room - User Last Name Business Phone Business Phone Number User - Office Phone Table continues…
April 2018 Deploying Avaya Equinox Solution 202 Comments on this document? [email protected] Introduction to migrating AAC8 data
Data field name in AAC Description Mapping in Equinox Management Virtual Room - Number (Optional. The administrator can choose.) Time Zone User Time Zone User - Time Zone
This is a set of expected values for approved constants mapped in Equinox Management: • User - Local True if Local user, False if LDAP • User - Named = TRUE Migration of user conferencing profiles The migration tool imports existing fields from the AAC User Conferencing Profiles and maps the selected fields into the user VMR in Equinox Management. The tool differentiates between video- enabled and non-enabled users and maps into video and audio-only services.
Data field name in AAC Description Mapping in Equinox Management Allow Fast Start Whether conference fast start is Virtual Room is in waiting room allowed mode
Note:
For video enabled meeting room, fast start is allowed by default. For audio only meeting room, this value is taken from AAC. First set a moderator pin, then enable the waiting room. In OTT deployment, if the waiting room is false, the moderator PIN is not mandatory. Conference Class of Service - Collaboration flow or Pass code Virtual Room - Protected Meeting Conference Flow flow Conference Class of Service — The maximal number of participants Virtual Room - Max Participants Maximal Number of Participants allowed in conference Enable Operator Control Whether operator control is enabled User - Allow Moderate Without Pin User - Allow Use Others Virtual Room User - View All Meetings By User Portal Enable Recording Whether recording is enabled User - Allow Recordings Virtual Room - Allow Recordings Enable Video Whether video is enabled User - Default Meeting Type Table continues…
April 2018 Deploying Avaya Equinox Solution 203 Comments on this document? [email protected] Migrating from Avaya Aura to Avaya Equinox
Data field name in AAC Description Mapping in Equinox Management Virtual Room - Meeting Type
Note:
Check Equinox Management default meeting type. The administrator should select the default meeting type for other media (audio or video). If video is enabled and the default type is video, use it for user and her/his virtual room; otherwise use administrator selection. Perform the same procedure for audio. Moderator Collaboration Code Moderator Code Virtual Room - Number Optional. The administrator can choose. Moderator Pass Code Moderator Pass Code Virtual Room - Moderator Pin In TE deployment the Moderator PIN is required, so if the Moderator Passcode is empty for user, then her/his moderator access code will be used. The list of such users will be shown in the end of migration process. Participant Collaboration Code participant Code Virtual Room - Number (Default option) Participant Pass Code Participant Pass Code Virtual Room - Conference Pin Video Class - Maximum average The maximal average bandwidth User - Max Bandwidth bandwidth per participant allowed for each participant in the conference
This is a set of expected values for approved constants mapped in Equinox Management: • User - Allow Streaming = ON Virtual Room - Allow Streaming = ON • User - Reservable = TRUE • User - Schedulable = TRUE • User - User Profile ID = CUSTOM • Virtual Room - Auto Extend = TRUE • Virtual Room - Block Dial IN = FALSE • Virtual Room - Default = TRUE (for Local users only) • Virtual Room - Description
April 2018 Deploying Avaya Equinox Solution 204 Comments on this document? [email protected] Exporting data from Avaya Aura® Conferencing 8.0
• Virtual Room - Name • Virtual Room - One Time Pin Required = FALSE • Virtual Room - Public = TRUE
Exporting data from Avaya Aura® Conferencing 8.0 About this task Use the following procedure to export your existing data from Avaya Aura® Conferencing 8.0 (AAC8). Important: To migrate from AAC8 to Release 9.1, first migrate to Release 9.0. Then, upgrade to Release 9.1. For the latest information on upgrading, see the Administrator Guide for Avaya Equinox Management or the Avaya Equinox Management Release Notes on https:// support.avaya.com/downloads. Before you begin • Contact Customer Support for information on downloading the latest version of the migration tool. Chat with live agents to get answers to questions, or request an agent to connect you to a support team for additional expertise. • Make sure you have your administrator credentials ready. Procedure 1. Run: java -jar aac-migration-tools-1.2.7-jar-with-dependencies.jar -e
April 2018 Deploying Avaya Equinox Solution 205 Comments on this document? [email protected] Migrating from Avaya Aura to Avaya Equinox
Figure 100: Data exporting procedure 2. Provide the AAC OPI URL with administrator credentials. It has the format: AAC8 Provision Server URL [https:// admin:[email protected]:8443]] This URL is required to execute OPI SOAP requests to AAC PROV. admin:admin in the command is the username:password for logging into the Provisioning page. The username and password can be changed, depending on the customer’s configuration. 3. Enter the SIP URL type to be added to Equinox Management: SIP URL type [Alphabetic] : [1] Alphabetic [2] Digital AAC8 has multiple SIP communication addresses like [email protected] or [email protected]; Equinox Management has only one. Only one SIP URI is currently supported in Equinox Management, so you can use only one AAC8 SIP communication address to Equinox Management. The Address template (alphabetic, digital) allows selecting the address type that will be used for Equinox calls. If there are no matches in one template, the first one from the list of user communication addresses will be selected. If there is more than one match, the first one in the array will be used. 4. Select Y to start exporting. The tool exports data from AAC8 and saves it in the AAC8Data.ser file.
April 2018 Deploying Avaya Equinox Solution 206 Comments on this document? [email protected] Importing Avaya Aura® Conferencing data to Avaya Equinox Management 9.0
Importing Avaya Aura® Conferencing data to Avaya Equinox Management 9.0 About this task Use the following procedure to import data you previously exported. Important: To migrate from AAC8 to Release 9.1, first migrate to Release 9.0. Then, upgrade to Release 9.1. For the latest information on upgrading, see the Administrator Guide for Avaya Equinox Management or the Avaya Equinox Management Release Notes on https:// support.avaya.com/downloads. Before you begin • Make sure you exported AAC8 data. • (Optional. Only for multi-tenancy) Equinox Management has multi-tenant and enterprise versions. Multi-tenancy means there are multiple different members and organizations, each one with its member ID. AAC is enterprise only. Make sure you have your member ID as you will be prompted for your organization member ID before starting the migration process. • Decide whether you run the migration tool from Equinox Management server or from a PC. If you are running the tool from the server, unmapped AAC fields will be kept in the Equinox Management database for future releases. If you are running the tool from a PC, AAC8 raw data are not stored in the Equinox Management database. Migration setting prompts are also slightly different as some data are retrieved automatically when running the tool on Equinox Management. Procedure 1. Upload aac-migration-tools-1.2.7-jar-with-dependencies.jar and AAC8Data.ser to Equinox Management as root.
Figure 101: Uploading the migration tool
April 2018 Deploying Avaya Equinox Solution 207 Comments on this document? [email protected] Migrating from Avaya Aura to Avaya Equinox
2. Execute java -jar aac-migration-tools-1.2.7-jar-with- dependencies.jar -i
3. Select your deployment type. The solution is called Avaya Equinox for Over The Top (OTT) when it ties to the customer existing infrastructure and provides services over the top of this infrastructure without requiring it to be upgraded or replaced. The solution that tightly integrates with Avaya Aura® components is called Avaya Equinox for Team Engagement and is deployed in medium and large enterprises.
Field Description [1] Aura AAC to Aura Equinox Enter 1 for migrating data from AAC8 (with Avaya Aura®) to TE Equinox Solution. [2] Non-Aura AAC to Non-Aura Enter 2 for migrating data from AAC8 Turnkey Equinox (no Aura) to OTT Equinox Solution. [3] Non-Aura AAC to Aura Equinox Enter 3 for migrating data from Avaya Aura® Conferencing (without Avaya Aura®) to TE Equinox Solution. [4] Aura AAC to Non-Aura Equinox Enter 4 for migrating data from Avaya Aura® Conferencing (with Avaya Aura®) to OTT Equinox Solution.
4. (Only for the to Aura Equinox deployment type) Enter the System Manager (SMGR) name. 5. Enter Y to import AAC8 raw data into the Equinox Management database. Equinox Management will use these data when new features similar to those of AAC8 appear in future releases. The tables added to the Equinox Management database are: t_aac8_conf_class; t_aac8_video_class; t_aac8_system_profile; t_aac8_user; t_aac8_user_comm_addr. This option is available only if you run the tool from Equinox Management . 6. Enter the Equinox Management database credentials. The default user name is icm_core_user. The default password is icm_core_1111. 7. Enter Y to do mapping and import into Equinox Management. 8. The following alert message appears on the screen: Is LDAP synchronization done on Equinox, Aura and AAC8? If not, perform it right now and then continue. Usually sync is done daily at midnight automatically, sometimes more rare. Without sync it right now, you can miss migration for a few LDAP users that were added after last sync time. Continue (Y/N) [N] :
April 2018 Deploying Avaya Equinox Solution 208 Comments on this document? [email protected] Importing Avaya Aura® Conferencing data to Avaya Equinox Management 9.0
If you enter Y and LDAP synchronization is missed, nothing critical happens. Usually, LDAP synchronization is configured to be done daily, so you might only loose a few users that were added to LDAP after the last synchronization. 9. Enter the username and password of the Equinox Management HTTP user. The default use name is admin. The default password is admin. 10. Enter the Equinox Member ID. The Equinox Solution has multi-tenant and enterprise versions, multi-tenant meaning multiple different members and organizations (different member IDs), which is not the case with Avaya Aura® Conferencing. If the Equinox Solution is an enterprise version, enter the default value 999 of the Equinox Member ID. 11. Enter the preferred Equinox Audio Meeting Type. It will be used as a meeting type for audio-only AAC8 users and their virtual rooms. The screen displays a Meeting Type list, the content of which depends on the meeting type configured in Equinox Management. Meeting types named 6K refer to Scopia Elite MCU; those named 7K refer to Equinox Media Server. 12. Enter the preferred Equinox Video Meeting type. It will be used as a meeting type for audio-only AAC8 users and their virtual rooms. The screen displays a Meeting Type list, the content of which depends on the meeting type configured in Equinox Management. Meeting types named 6K refer to Scopia Elite MCU; those named 7K refer to Equinox Media Server. 13. Enter the relevant user password type. The default user password is 2. User password type [Moderator code] : [1] Participant code [2] Moderator code [3] Office phone [4] Provide another password (the same for every user) For an LDAP user, the password is stored on the LDAP server. For Local users, the password will be reset to default after migration. You cannot get the user's plain password from AAC8. You will be prompted whether to use the participant code, or passcode, or telephone number as a password. If you enter 3, the following message appears: NOTE: if office phone of AAC8 user is blank then the participant code will be used. You will see the list of such users at the end of migration process 14. Enter the relevant Virtual Room number template at the prompt. The default user password is 1.
April 2018 Deploying Avaya Equinox Solution 209 Comments on this document? [email protected] Migrating from Avaya Aura to Avaya Equinox
Virtual Room Number Template [Participant code] : [1] Participant code [2] Moderator code [3] Office phone If you enter 3, and the business phone of the AAC8 user is blank, the participant code will be used. 15. (Only if the migration tool runs on Equinox Management) Enter Y to have the system retrieve the prefix of the Virtual Room number automatically from the Equinox Management configuration file; otherwise, enter N and then enter the prefix manually. The prefix is used for routing purposes. The migration settings are completed. A summary message appears on the display. 16. To continue exporting with these settings, enter Y. The tool performs the required migration operations. Upon completion, this message typically appears on the display.
Figure 102: Typical migration completed message
• Warnings are printed like failed users, no SIP URL matches selected template, email is blank, or passcode encrypted. • Summary is printed that contains information such as how many users are migrated. • (Only for the to Aura deployment type) The tool generates XML files for SMGR bulk import (for example, AAC8ToEquinoxMigrationAuraSMGRBulkImportData_1.xml). Each file contains up to 1,000 users. This tool is required for importing LDAP and Local user types into Equinox Management via System Manager and will be available for future releases. For the current release, data is pushed directly to Equinox Management • For the to Non-Aura Equinox deployment type, data is pushed directly to Equinox Management.
April 2018 Deploying Avaya Equinox Solution 210 Comments on this document? [email protected] Importing Avaya Aura® Conferencing data to Avaya Equinox Management 9.0
17. You are done with the migration process! Access Equinox Management to check that the following was migrated from AAC8 and created in the Equinox Management database: • Local user basic data and their virtual rooms
Figure 103: Example of user basic data in Equinox Management after migration
April 2018 Deploying Avaya Equinox Solution 211 Comments on this document? [email protected] Migrating from Avaya Aura to Avaya Equinox
Figure 104: User’s virtual room in Equinox Management after migration
April 2018 Deploying Avaya Equinox Solution 212 Comments on this document? [email protected] Chapter 12: Avaya Session Border Controller deployment for remote access in Over The Top solution
Deployment checklist for remote access in OTT — Non- tunneled mode This chapter describes how to configure the ASBCE for conferencing with remote Equinox Meet- me Clients, Meetings for Web Clients (WebRTC), and Avaya approved SIP endpoints. Participants in conferences have to interact with multiple servers through HTTPS. To avoid using multiple external public IPs, FQDNS, and certificates, the solution uses ASBCE URL rewriting. The method solves this interfacing complexity by allowing guests to access a conference via a single FQDN and a single IP address, using port 443. As each FQDN needs a certificate, and there is only one FQDN to interact with, this method also allows saving on the costs of commercial certificates. URL rewriting can be used in all Equinox deployments. You must set up and configure the solution components as described in each server documentation. For a full explanation on configuring servers that are part of the deployment, download documents from the Avaya Support website at http://support.avaya.com. The procedures in this chapter describe only a few of the device settings that are required for the deployment. Use this checklist as an example of deploying an ASBCE that supports up 250 calls in non- tunneled mode, using the URL rewriting method.
No. Task Link/Notes
1 Plan your deployment. See Planning your ASBCE deployment See Planning in the OTT solution on page 215. your ASBCE deployment in the OTT solution on page 215 Table continues…
April 2018 Deploying Avaya Equinox Solution 213 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
No. Task Link/Notes
2 Ensure that the Equinox system is up and internally operational in the enterprise. 3 Install ASBCE (version 7.2 and up) in a For a full explanation on deploying the virtualized environment. ASBCE, download the document on Deploying Avaya Session Border Controller in Virtualized Environment from the Avaya Support website at http://support.avaya.com 4 Ensure that you have administrator Refer to the administration guides of the privileges on the Equinox system. Equinox system components. You can download the documents from the Avaya Support website at http:// support.avaya.com. 5 Ensure that you have administrator For a full explanation on deploying the privileges on the ASBCE. ASBCE, download the document on Administering Avaya Session Border Controller for Enterprise from the Avaya Support website at http:// support.avaya.com. 6 Configure ASBCE TLS certificates. See Certificates on page 228. 7 Configure ASBCE network interfaces. See Configuring ASBCE network interfaces on page 234. 8 Configure ASBCE signaling interface. See Configuring ASBCE signaling interface on page 235. 9 Configure ASBCE media interface. See Configuring ASBCE media interface for OTT on page 235. 10 Configure ASBCE load monitoring. See Configuring ASBCE load monitoring for OTT on page 237. 11 Configure ASBCE server flows. See Configuring ASBCE server flows for OTT on page 238 12 In an OTT deployment, follow this See OTT deployment — Single IP and procedure to configure multiple server single FQDN for HTTP traffic on access using a single FQDN, a single page 239. IP address, and port 443. This is for a non-tunneled mode. 13 Configure the ASBCE STUN TURN See Configuring the ASBCE STUN Server in the Media Server. TURN server for OTT on page 239. 14 Configure ASBCE in Equinox See Configuring the ASBCE in Equinox Management. Management on page 247. 15 Configure ASBCE to support SIP calls See Configuring ASBCE support of from unregistered endpoints. unregistered Avaya SIP endpoints on page 248.
April 2018 Deploying Avaya Equinox Solution 214 Comments on this document? [email protected] Planning your ASBCE deployment in the OTT solution
Planning your ASBCE deployment in the OTT solution There are a number of criteria that must be considered when planning the SBCE deployment in your organization. Network zones The deployment assumes there are two zones: DMZ for edge devices, and Equinox internal for most servers (see Figure below).
Figure 105: Network zones
The Equinox internal network can be the private network, or can be a zone that a firewall separates from the private network. There is no NAT between the Equinox internal network and the private one. Most components are installed in the private network. This includes the Management and Media servers. The edge devices include: • SBCE - the main edge device for SIP, HTTPS and all clients. It has one interface in the DMZ and another one in the Equinox internal network. • Reverse proxy. It can be part of the SBCE in small deployments, or can be handled by an Avaya approved, third party load balancer (like A10). If the third-party load balancer is used, it must have one interface in the DMZ and the other one in the Equinox internal network. SBCE The SBCE is the key element for firewall traversal.
April 2018 Deploying Avaya Equinox Solution 215 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Avaya recommends that all HTTPS traffic goes through SBCE, as well as all traffic from outside the VPN. SBCE serves four different (but similar) functionalities: • HTTPS reverse proxy - for all HTTPS traffic from outside and inside the VPN. • SIP SBCE for external SIP entities (room systems). • Media relay for Avaya Equinox®. • Media relay for Avaya Equinox Meetings for Web Client. Three functionalities use port 443, which means that SBCE needs three different external IP addresses (as well as certificates to match). If there is no need for 443 fallback, a single IP address can be used. Single IP and reverse proxy Internal servers (such as Media and Management servers) use HTTPS. To avoid having an external IP address (and certificate) for each internal server, most traffic is multiplexed over a single IP address and FQDN, with the reverse proxy distributing the traffic to the different internal servers. HTTPS traffic for internal traffic must also be multiplexed, and the internal traffic go also through the reverse proxy. This can be done using the same reverse proxy with the internal interface (an additional IP address might be required). Media tunneling By default, media (audio and video) use UDP as the transport protocol. Voice (and video) over IP are designed to use UDP, which provides the best conferencing quality. Clients from various locations must be able to join a conference, including guests that are located behind a remote organizational firewall. Because this type of firewall sometimes blocks UDP traffic, a TCP fallback solution must be provided. Fallback to port 443 which is typically outbound open in most organizations also needs to be part of the solution. The Equinox Solution provides the following: • By definition, SIP cannot use port 443. • For client signaling and control, the solution always uses HTTPS over 443. • For client's media, the solution prefers using UDP, but has a fallback to TCP 443 (also known as HTTP tunneling). SBCE handles the tunneling. • Avaya Equinox® Client and Avaya Equinox Meetings for Web Client use two different tunneling modes, due to browser limitations. Both use TCP 443, but in a different way. • - Avaya Equinox® Client uses TLS session port 443. The client does not validate the trust chain for this certificate, but uses fingerprints provided during signaling (similar to DTLS). Hence, the certificate used by SBCE does not need to be from a trusted CA. - Avaya Equinox Meetings for Web Client uses TCP session on port 443. Certificates Because there are several services and several IP addresses, SBCE needs a certificate with multiple SAN, signed by a trusted third party CA that includes FQDN for the reverse proxy and SIP interfaces, and all IP address external interface. Depending on the type of deployment, the certificate can include up to five SAN (two FQDNs and three IP addresses).
April 2018 Deploying Avaya Equinox Solution 216 Comments on this document? [email protected] Planning your ASBCE deployment in the OTT solution
Certificate map The deployment is based on the concept of two CAs: • A third party CA (such as go Daddy, Entrust, or VeriSign) that sign certificate for the client facing components. • An internal CA that signs certificates for most servers. It is possible to have all certificate signed by a third party. For servers, the concept is implemented as follows: • SBCE - Must be aware of both CAs (third party and internal) and must have self certificates from both. The certificate from the external CA is used to client facing interface (external and internal) while internal CA certificate is used for server facing interfaces (internal only). • Management server - Must be aware of both CAs. It must have the self certificate from the internal CA only. The Management server must also be aware of and trust other CAs because it interacts with non Equinox components such as the LADP server. • All other servers (such as Media and Portal) must only be aware of and trust the internal CA, from which they need to have a certificate. Note: For client tunneling:, the concept is implemented as follows: • Web-RTC tunneling for Avaya Equinox Meetings for Web Clients WebRTC requires an additional B1 IP address on SBCE. As such, another third party external CA is required for the WebRTC tunneling address. • Avaya Equinox® Client Meet-me tunneling Avaya Equinox® Client connecting as meet-me to the Equinox portal URL via SBCE requires an additional B1 meet-me tunneling IP address on SBCE. The Avaya Equinox® is usually downloaded from the portal with the organization’s internal CA already installed. As such, an internal CA certificate for the SBCE tunneling address is sufficient in most cases. A third party external CA certificate is required when using an Avaya Equinox® Client downloaded from organization X and used as meet-me to connect to organization Y. Capacity A single SBCE can handle up to 1,000 clients for reverse proxy (internal or external), 300 clients for media (UDP) and 100 clients for 443 media tunneling if needed. If the required capacity is higher, more servers need to be installed. Multiple servers - redundancy and capacity Consider the following when planning redundancy: • Media servers - any number of servers can be installed, and they have internal load balancing. There is no need for an external load balancer. The redundancy module is N+1.
April 2018 Deploying Avaya Equinox Solution 217 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Note: In the N+1 redundancy, all the servers are active and in normal operation mode the solution capacity is higher. When one of the servers fails, the system drops capacity to N, which is the originally desired capacity. • Management server - It is possible to install an extra server for redundancy. There is no option to install more than one server for extra capacity. The redundancy module is an active- standby HA pair with virtual IP. • Portal - In a small deployment, the Portal co-resides on the Management server with the same redundancy module. For a larger deployment, the Portal can be distributed from Management, and more than one server can be installed for capacity. There is internal load balancing with N+1 redundancy using virtual IP. • UCCS (also called Equinox Conference Control- UCCS is the Conference Control manager. In a small deployment, UCCS co-resides on the Management server with the same redundancy module. For larger cases, UCCS can be distributed from management, and more than one server can be installed for capacity. There is internal load balancing and redundancy. There is no need for a virtual IP. • SBCE for reverse proxy - No internal load balancing exists, so capacity is limited to a single server. However, it is possible to install tow servers for redundancy HA pair using virtual IP. • SBCE for SIP (room systems) - No internal load balancing exists, so capacity is limited to a single server. However, it is possible to install tow servers for redundancy HA pair using virtual IP. • SBCE for clients - Several servers can be installed for enhanced capacity with the N+1 redundancy module. There is internal load balancing. • For large deployments with HTTP reverse proxy - Avaya recommends to use an approved, external load balancer (such as A10). Capacity and the redundancy module depend on the server. Related links Small deployment on page 218 Medium deployment on page 220 Large deployment on page 221 Firewall traversal in OTT — normal security on page 223 Firewall traversal in OTT — enhanced security on page 225
Small deployment A small deployment has the following characteristics: • Up to 500 concurrent calls altogether, up to 50 outside the VPN, and needs tunneling. • Portal and UCCS co-reside with Management. • SBCE handles reverse proxy.
April 2018 Deploying Avaya Equinox Solution 218 Comments on this document? [email protected] Planning your ASBCE deployment in the OTT solution
Table 26: Small deployment configuration requirements
Component Private DMZ IP Internal CA External CA Redundancy Comments network IP certificate certificate module Management One IP FQDN based High Including address with Availability UCCS and FQDN (HA) pair portal Media One IP IP based N+1 All kinds: servers address, no Scopia® Elite FQDN 6000 MCU, Equinox Media Server, standalone WCS, Media Server (AMS ), Web Gateway SBCE Two Three Multiple SAN HA pair addresses: addresses: - FQDN and three DMZ IP 1. For 1. For addresses incomin reverse g proxy reverse and SIP, proxy with with FQDN FQDN 2. For 2. For all Equinox For 2., under other Client the Private traffic, media, network IP no tunneled address FQDN and non- column: IP tunneled based for , no DMZ IP; IP FQDN based for private IP. 3. For all Web Client media (TURN), tunneled and non- tunneled , no FQDN
Related links Planning your ASBCE deployment in the OTT solution on page 215
April 2018 Deploying Avaya Equinox Solution 219 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Medium deployment The deployment has the following characteristics: • Up to 1,000 concurrent calls altogether, more than 50 outside the VPN, and needs tunneling. • Portal and UCCS co-reside with Management. • SBCE handles reverse proxy. • One SBCE (HA pair) for reverse proxy and standard SIP (room systems). • Multiple SBCEs for client media (tunneled and none tunneled).
Table 27: Medium deployment configuration requirements
Component Private DMZ IP Internal CA External CA Redundancy Comments network IP certificate certificate module Management One IP FQDN based HA pair Including address with UCCS and FQDN portal Media One IP IP based N+1 All kinds: servers address, no Scopia® Elite FQDN 6000 MCU, Equinox Media Server, standalone WCS, Media Server (AMS) Main SBCE Two IP One IP See 2., Multiple SAN HA pair For reverse addresses: address with under the – FQDN and proxy and FQDN for Private DMZ IP standard SIP 1. For reverse network IP addresses – room incomin proxy and address systems g SIP column: IP outside the reverse based for VPN proxy private IP with FQDN 2. For all other traffic no FQDN Table continues…
April 2018 Deploying Avaya Equinox Solution 220 Comments on this document? [email protected] Planning your ASBCE deployment in the OTT solution
Component Private DMZ IP Internal CA External CA Redundancy Comments network IP certificate certificate module Media SBCE One IP Two IP IP based for Multiple SAN N+1 For client address, no addresses: private IP – two DMZ IP media FQDN addresses 1. For Equinox Client media – tunneled and non tunneled no FQDN 2. For all Web Client media (TURN), tunneled and non- tunneled no FQDN
Related links Planning your ASBCE deployment in the OTT solution on page 215
Large deployment The deployment has the following characteristics: • Over 1,000 concurrent calls. • More than one Portal, separated from Management. Internal load balancing. • More than one UCCS, separated from Management. Management load balancing. • External load balancer acting as reverse proxy (A10 or other Avaya approved) . • One SBCE (HA pair) for standard SIP. • Multiple SBCEs for client media (tunneled and non-tunneled).
April 2018 Deploying Avaya Equinox Solution 221 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Table 28: Large deployment configuration requirements
Component Private DMZ IP Internal CA External CA Redundancy Comments network IP certificate certificate module Management One IP FQDN HA pair Including address with based UCCS and FQDN Portal Portal servers One IP based for N+1 Internal load address, no each server balance FQDN for plus one using VIP each server FQDN + one virtual based for IP (VIP) the VIP address with FQDN UCCS One IP FQDN N+1 address with based FQDN Media servers One IP IP based N+1 All kinds: address, no Scopia® Elite FQDN 6000 MCU, Equinox Media Server, standalone WCS, Media Server (AMS), Web Gateway SIP SBCE One IP One IP IP based for FQDN HA pair For room address, no address with private IP based for systems FQDN FQDN address DMZ IP outside the address VPN Media SBCE One IP Two IP IP based for Multiple SAN N+1 For client address, no addresses: private IP – two DMZ media FQDN address IP 1. For addresses Equinox Client media, tunnele d and non- tunnele d no FQDN 2. For all Web Table continues…
April 2018 Deploying Avaya Equinox Solution 222 Comments on this document? [email protected] Planning your ASBCE deployment in the OTT solution
Component Private DMZ IP Internal CA External CA Redundancy Comments network IP certificate certificate module Client media (TURN), tunnele d and non- tunnele d no FQDN Load balancer Two IP One IP IP based for FQDN HA pair Depending addresses: addresses internal IP. based for on the type with FQDN See 2., DMZ IP and of load 1. For under private IP. balancer, it incomin thePrivate See 1., may be able g network IP under the to use only reverse address Private one internal proxy column. network IP leg. (listen) address with column. FQDN Same 2. For all FQDN, outgoing same (toward certificate. servers), no FQDN
Related links Planning your ASBCE deployment in the OTT solution on page 215
Firewall traversal in OTT — normal security The figure below illustrates how the components interact with the means for protecting the organization against intrusive attempts.
April 2018 Deploying Avaya Equinox Solution 223 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Figure 106: Normal security
When opening ports between the DMZ and the public, use the following as a reference:
Table 29: External firewall
External IP External Port DMZ IP DMZ Port Traffic type Comments Any Any SBCE Equinox TCP 5061 SIP signaling Always initiated leg from outside Any Any SBCE Equinox UDP - UDP media for Bi-directional leg Configurable SIP endpoints traffic port range and Equinox clients Any Any SBCE Equinox TCP 443 Equinox client Always initiated leg media HTTP from outside tunneling Any Any SBCE Equinox UDP 3478 UDP media for Always initiated web leg Equinox web from outside clients Table continues…
April 2018 Deploying Avaya Equinox Solution 224 Comments on this document? [email protected] Planning your ASBCE deployment in the OTT solution
External IP External Port DMZ IP DMZ Port Traffic type Comments Any Any Reverse proxy TCP 443 HTTPS traffic - Always initiated portal, from outside conference control and web collaboration
When opening ports between the Equinox servers and the clients inside the enterprise, use the following as reference:
Table 30: Between Equinox internal and private
Equinox Equinox Private IP Private Port Traffic type Comments Internal IP Internal Port Any media UDP - Any client UCP - any RTP media Bi-directional server Configurable traffic port range Management TCP 5061 Any client TCP - any SIP signaling Always initiated from inside Reverse proxy TCP 443 Any client TCP - any HTTPS traffic - Always initiated portal, from inside conference control and web collaboration Management TCP 443 Any admin TCP - any Admin access Can have whitelist IP for administrators
Related links Planning your ASBCE deployment in the OTT solution on page 215
Firewall traversal in OTT — enhanced security The figure below illustrates how the components interact with the means for protecting the organization against intrusive attempts.
April 2018 Deploying Avaya Equinox Solution 225 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Figure 107: Enhanced security
When opening ports between the DMZ and the public, use the following as a reference:
Table 31: External firewall
External IP External Port DMZ IP DMZ Port Traffic type Comments Any Any SBCE Equinox TCP 5061 SIP signaling Always initiated leg from outside Any Any SBCE Equinox UDP - UDP media for Bi-directional leg Configurable SIP endpoints traffic port range and Equinox clients Any Any SBCE Equinox TCP 443 Equinox client Always initiated leg media HTTP from outside tunneling Any Any SBCE Equinox UDP 3478, UDP media for Always initiated web leg UCP 3478 Equinox web from outside clients Table continues…
April 2018 Deploying Avaya Equinox Solution 226 Comments on this document? [email protected] Planning your ASBCE deployment in the OTT solution
External IP External Port DMZ IP DMZ Port Traffic type Comments Any Any Reverse proxy TCP 443 HTTPS traffic - Always initiated portal, from outside conference control and web collaboration
When opening ports between the DMZ and the Equinox servers, use the following as a reference:
Table 32: Between DMZ and Equinox internal
DMZ IP DMZ Port Equinox Equinox Traffic type Comments Internal IP Internal Port SBCE internal UDP - Any media UDP - RTP media Bi-directional leg Configurable server Configurable traffic port range port range SBCE internal UDP 3478 Any media UDP - STUN Always initiated leg server Configurable from inside port range SBCE internal TCP 443 Portal TCP - any Configuration Always initiated leg from inside SBCE internal TCP 443 Management TCP - any Configuration Always initiated leg from inside SBCE internal TCP - any Management TCP 5061 SIP signaling Always initiated leg from inside SBCE internal TCP 5061 Portal TCP - any SIP signaling Always initiated leg from outside Reverse proxy TCP - any Any media TCP 443 Web Always initiated server collaboration from outside Reverse proxy TCP - any Portal TCP 443 Portal and Always initiated signaling from outside Reverse proxy TCP - any Management TCP 443 Conference Always initiated control from outside
When opening ports between the Equinox servers and the clients inside the enterprise, use the following as reference:
Table 33: Between Equinox internal and private
Equinox Equinox Private IP Private port Traffic type Comments internal IP internal port Any media UDP - Any client UCP - any RTP media Bi-directional server Configurable traffic port range Table continues…
April 2018 Deploying Avaya Equinox Solution 227 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Equinox Equinox Private IP Private port Traffic type Comments internal IP internal port Management TCP 5061 Any client TCP - any SIP signaling Always initiated from inside Reverse proxy TCP 443 Any client TCP - any HTTPS traffic - Always initiated portal, from inside conference control and web collaboration Management TCP 443 Any admin TCP - any Admin access Can have whitelist IP for administrators
Related links Planning your ASBCE deployment in the OTT solution on page 215
Certificates
Important: Using encryption is subject to local regulation. In some countries it is restricted or limited for usage. For more information, consult your local reseller. Unregistered remote clients use HTTPS to connect to an Equinox meeting. In HTTPS, Transport Layer Security (TLS) enables network devices to communicate securely using certificates, to provide authentication of the devices and encryption of the communication between them. The folllowing procedures describe how to generate and install an SBCE Portal and services certificate for internal and external reverse proxy. Related links Creating a Certificate Signing Request on page 229 Generating and installing certificates with Aura System Manager default CA on page 230 Installing a CA certificate on ASBCE on page 231 Installing a certificate and key on ASBCE on page 232 Encrypting the key file on page 233 Associating an ASBCE certificate with the ASBCE TLS Client and Server Profiles on page 233
April 2018 Deploying Avaya Equinox Solution 228 Comments on this document? [email protected] Certificates
Creating a Certificate Signing Request About this task The portal and services certificate is the most important certificate. It must be signed by a third party Certificate Authority. For information on certificates and TLS profile management, refer to Administering Avaya Session Border Controller for Enterprise. About this task Procedure 1. In the ASBCE UI, select TLS Management > Certificates. The Certificates tab page appears. 2. Select Generate CSR. The TLS Management Generate CSR window appears. Configure all the fields in the window: • Country Name : The name of the country within which the certificate is being created. • State/Province Name : The state/province where the certificate is being created. • Locality Name : The locality (city) where the certificate is being created. • Organization Name: The name of the company or organization creating the certificate. • Organizational Unit : The group within the company or organization creating the certificate. • Common Name: The name used to refer to or identify the company or group creating the certificate. You cannot provide wildcard (*) characters in this field. • Algorithm : The hash algorithms (SHA256) to be used with the RSA signature algorithm. • Key Size (Modulus Length): 2048 in bits. • Key Usage Extension(s): The purpose for which the public key might be used: Key Encipherment, Non-Repudiation, Digital Signature. • Extended Key Usage: Server Authentication, Client Authentication. • Subject Alt Name: A text field used to further identify this certificate. It must have the following format: DNS:
April 2018 Deploying Avaya Equinox Solution 229 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
5. Delete the key generated and saved on ASBCE - it has a wrong name and will cause issues later. If you cannot see it, navigate to a different page on the ASBCE and return to the previous page. 6. Send the certificate to the third party Certificate Authority to have it signed. Related links Certificates on page 228
Generating and installing certificates with Aura System Manager default CA About this task Use the System Manager as a Certificate Authority, or send the certificate to a third party Certificate Authority for validation. For detailed infpormation, see Administering Avaya Aura® System Manager information Before you begin Take the following into consideration: • A Certificate Signing Request (CSR) is used by a server to apply for an SSL/TLS certificate. • Certificate profiles determine the specific behavior of a certificate type, mainly through particular extensions. There are default certificate profiles available, and this procedure assumes you will use the built-in ID_CLIENT_SERVER profile. • End entities are users such as a browser, an email client, or a server. This procedure assumes you are adding a server, using the default INBOUND_OUTBOUND_TLS end entity profile. This profile is used for client and server authentication. Procedure 1. Login to Aura System Manager. 2. Navigate to Security > Certificates > Authority. 3. Navigate to CA Structure & CRLs > Download PEM file of the CA Certificate. 4. Click Get CRL and save them. 5. Check that the Certificate Profile is set as follows: • Key Usage Extension: Digital Signature and Key encipherment • Extended Key Usage: Server Authentication and Client Authentication 6. If you already configured an end entity, navigate to Search End Entity, enter the username and click Search. Select Edit End Entity link. In Status, select New and enter the missing password. To create an entity for the first time, navigate to Add End Entity. Enter the Username and Password, and save them for the next time you want to issue a certificate for same system. Use this procedure to accumulate certificates per user.
April 2018 Deploying Avaya Equinox Solution 230 Comments on this document? [email protected] Certificates
Then configure these fields as follows: • Subject DN > CN: FQDN of server that provides TLS support. • Subject Alternative Name: - DNS name: FQDN of server that provides TLS support. - IP Address: IP address of the IP requiring TLS. It has the following format: PublicIP_of_SBCE_for_TLS_Tunneling_WebRTC • Certificate Profile: ID_CLIENT_SERVER with its relevant key features. • CA: tmdefaultca. • Token: User Generated . • Click Add (if new entity) or Save (in case of an existing entity). 7. Navigate to Public Web. 8. Navigate to Enroll > Create Certificate from CSR . 9. Enter the Username and Password used when adding the end entity. 10. Open the CSR request (.csr) in a text editor and copy paste its content into the designated text box. 11. Roll Type: PEM certificate only (or PEM full certificate chain when certificate chain is needed) 12. Click OK. A certificate in PEM format is created (or a PEM full certificate chain is created when the certificate chain is needed). 13. Save the Certificate PEM file. Related links Certificates on page 228
Installing a CA certificate on ASBCE About this task Procedure 1. In the ASBCE GUI, go to TLS Management > Certificates and press Install . Configure these fields as follows: • Type : Select CA Certificate. • Name: Enter its name. • Overwrite Existing: Select if replacing CA with same name. • Allow weak Certificate key: Select if the CA certificate is signed with a weak key. • Certificate File: select the CA certificate file.
April 2018 Deploying Avaya Equinox Solution 231 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
2. Press Upload. Related links Certificates on page 228
Installing a certificate and key on ASBCE About this task For detailed information on uploading certificates, see TLS Management in Administering Avaya Session Border Controller for Enterprise. Procedure 1. Rename the certificate (.pem) and key (.key) files to the same name, for example qs1.pem and qs1.key. The name must not contain a dot (".") 2. In the ASBCE GUI, navigate to TLS Management > Certificates. 3. Click Install and configure these fields as follows: • Type: the type of certificate you want to install. • Name: the name of the certificate you want to install. This field is optional, and if not specified, the filename of the uploaded certificate is used as the certificate name. Additionally, specifying a name same as another certificate will overwrite the existing certificate with the one being uploaded. • Overwrite Existing: An option to control whether uploading a certificate with the same name is permitted. If this field is cleared, uploading a certificate with the same name as another certificate causes failure. If this field is selected, uploading a certificate with the same name overwrites an existing certificate. • Allow Weak Certificate Key: An option to permit usage of a weak private keys. This option bypasses the check that requires strong private keys. EMS rejects private keys lesser than 2048 bits or signed with an MD5 based hash by default. • Certificate File: The location of the certificate on your system. Depending on your browser, click Browse or Choose file to browse for the file. If the third party CA provides separate Root CA and Intermediate certificates, you must combine both files into a single certificate file for ASBCE. To combine the files, add the contents of each certificate file one after the other, with the root certificate at the end. • Key: The private key that you want to use. You can opt to use the existing key from the file system or select a file containing another key. • Key File: The button that is displayed when you select Upload Key File in the Key field. Depending on the browser, click Browse or Choose File to locate the file. 4. Click Upload.
April 2018 Deploying Avaya Equinox Solution 232 Comments on this document? [email protected] Certificates
Related links Certificates on page 228
Encrypting the key file About this task This step is mandatory. If it is not implemented, the nginx process will fail loading because the certificate will have the wrong key. Before you begin Install the certificate and key on the ASBCE server. Procedure 1. Login to SBCE SSH as root . 2. Navigate to directory /usr/local/ipcs/cert/key. 3. Using a SSH client, such as PuTTY, start a secure shell (SSH) connection to ASBCE. 4. In the Host Name or IP address field, type the IP address of an ASBCE. 5. In the Port field, type 222, and click Open. 6. To log in to ASBCE, use ipcs login and password (determined and set by the network administrator during the installation procedure). 7. Type enc_key filename passphrase. In this command, filename is the name of the encryption key file, and passphrase is the passphrase you used while generating the CSR. 8. Restart ASBCE. Related links Certificates on page 228
Associating an ASBCE certificate with the ASBCE TLS Client and Server Profiles About this task After you deploy and install an ASBCE identity certificate, you must associate the certificate with the ASBCE Client and Server Profiles. For detailed information on certificates and TLS profile management, refer to Administering Avaya Session Border Controller for Enterprise. Procedure 1. On the ASBCE UI, select TLS Management > Client Profiles and select Add. 2. In the Profile Name field, enter a name for the profile.
April 2018 Deploying Avaya Equinox Solution 233 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
3. In the Certificate field, select the installed CA certificate that you want to associate with the profile. 4. Configure information in the remaining fields, as needed, and select Next. 5. Select the relevant TLS versions, as needed, and select Finish. The client profile appears on the Client Profile page. 6. Select TLS Management > Server Profiles and select Add.
7. In the Profile Name field, enter a name for the profile. 8. In the Certificate field, select the installed certificate that you want to associate with the profile. 9. Configure information in the remaining fields, as needed, and select Next. 10. Select the relevant TLS versions, as needed, and select Finish. The server profile appears on the Server Profile page. Related links Certificates on page 228
Configuring ASBCE network interfaces About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on: • System configuration • Server and network configuration • Device configuration • WebRTC-enabled call processing Procedure 1. Log in to the EMS web interface with administrator credentials. 2. Navigate to Device Specific Settings > Network Management > Network. 3. In addition to the M1, the management interface that was configured upon ASBCE installation, configure: • A1, the internal interface with at least 2 IP addresses associated to it. • B1, the external IP addresses with at least 2 IP addresses associated to it.
April 2018 Deploying Avaya Equinox Solution 234 Comments on this document? [email protected] Configuring ASBCE signaling interface
Configuring ASBCE signaling interface About this task Refer to the guide for Administering Avaya Session Border Controller for Enterprise for detailed information on configuring the signaling interface in the system. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. Navigate to Device Specific Settings > Signaling Interface and select Add. 3. Configure these fields as follows: • Name: enter the name for the internal signaling interface (A1). • IP Address: the network name, identified by the interface name and VLAN tag, and IP address of the ASBCE used by SIP signaling messages traversing the network. • TCP Port: enter 5060 • UDP Port: leave the field blank for a non-tunneled mode. • TLS Port: enter 5061. • TLS Profile: select the previously configured TLS profile.
Configuring ASBCE media interface for OTT About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on: • Media tunneling • Media interface • Media video • End point policy groups Before you begin Verify the SBC has a self-signed certificate or CA certificate installed. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. (Media tunneling only) Navigate to Device Specific Settings > Advanced Options > Feature Control tab. Select the Media Tunneling checkbox, and select Save.
April 2018 Deploying Avaya Equinox Solution 235 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
3. (Media tunneling only) To create the TLS Server Profile for external media interface: a. Navigate to TLS Management > Server Profiles. b. Configure these fields: • Profile Name: enter a name. • Certificate : select the SBC’s own certificate that can be a self signed or CA certified. • Peer Verification: select Optional. • Peer Certificate Authorities: leave empty. • Peer Certificate Authorities or Peer Certificate Revocation Lists: leave empty. • Verification Depth: enter 1. • Leave other fields with their default values. c. Select Next, then Finish. 4. To configure external media interface, navigate to Device Specific Settings > Media Interface and select Add. Configure these fields: • Name: enter media interface name • IP Address: select B1 IP address, taking the following into account: - Do not use this IP address for any other interface bound to port 443 (HTTP tunneling configuration). - Do not use VLAN tag for media tunneled interface. • TLS Profle: select a TLS server profile for the media interface, if media tunneling is enabled. For self-signed certificates on the client, use the TLS server profile created for the external media interface. • Buffer Size: select the buffer size from the list containing values from 400 to 1000 in KB. • Leave other fields with their default values. 5. To configure the internal media interface, navigate to Device Specific Settings > Media Interface and select Add. Configure these fields: • Name: enter the media interface name. • IP Address: Select the A1 IP address • Leave other fields with their default values. 6. To enable video media, navigate to Domain Policies > Application Rules page, and clone an existing application rule or add a new one.
April 2018 Deploying Avaya Equinox Solution 236 Comments on this document? [email protected] Configuring ASBCE load monitoring for OTT
Configure these fields: • Enable In/Out Audio/Video application types. • Configure Maximum Concurrent Sessions and Maximum Sessions Per Endpoint 7. To configure media encryption and enable BFCP and/or FECC, navigate to Domain Policies > Media Rules and clone an existing media rule or add a new one. Configure these fields: • On the Encryption tab, in the Miscellaneous section, select the Capability Negotiation checkbox. • On the Advanced tab, select the BFCP Enabled and FECC Enabled checkboxes. 8. To configure the policy group with the newly created application and media rules, navigate to Domain Policies > End Point Policy Groups and clone an existing policy group or add a new one.
Configuring ASBCE load monitoring for OTT About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on load monitoring. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. Navigate to Device Specific Settings > Advanced Options > Load Monitoring 3. Select Add to create the new load monitoring profile. 4. Configure these fields as follows: • Load Balancer Type: select INTERNAL. Load balancer on the A1 side of the network. Equinox Management does load balancing towards the internal side. All HTTP requests sent for dialing out use the internal load balancer logic to identify the appropriate ASBCE. • Transport: select the Load Balancer protocol. • Load Balancer Port: enter 80 if TCP is used, or 443 if TLS is used. • TLS Profile: select SBC server profile that uses certificate with FQDN of A1 interface in SAN if TLS is used • Listen IP: select the internal interface (A1). It can have a separate IP address. 5. Select Finish.
April 2018 Deploying Avaya Equinox Solution 237 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Configuring ASBCE server flows for OTT About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on server flows. This procedure details the settings for the OTT solution. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. To create an Interworking Profile or update an existing profile, navigate to Global Profiles > Server Interworking and select Add for a new profile. Configure these fields as follows: • For a new profile, set all options as default. • In Advanced Options > Has Remote SBC: select No (disabled). 3. To add a configuration for Equinox Management, navigate to Global Profiles > Server Configuration and select Add. Configure these fields as follows: • Server Type: select Trunk Server. • SIP domain: you can leave it blank. • TLS Client Profile: select the previously created Equinox Management client profile if TLS port is specified. • Add the Equinox Management FQDN with port and protocol specified (TCP and/or TLS). • On Advanced Options, select the Enable Grooming checkbox and select the previously created Interworking Profile. • You can leave other settings with their default values. 4. To add a flow for Equinox Management, navigate to Device Specific Settings > End Point Flows > Server Flows and select Add. • Flow Name: enter a name such as EqMngFlow. • Server Configuration: select the configuration you previously created for Equinox Management. • Received Interface: select the internal interface (A1). • Signaling Interface: select the internal interface (A1). • Media Interface: select the internal interface (A1). • Select the Endpoint Policy Group as required. • You can leave other settings with their default values.
April 2018 Deploying Avaya Equinox Solution 238 Comments on this document? [email protected] Configuring the ASBCE STUN TURN server for OTT
Configuring the ASBCE STUN TURN server for OTT About this task This procedure describes how to configure the ASBCE STUN TURN server that Equinox Meet-me and Equinox Meetings for Web (WebRTC) clients use for media connection. Refer to the Administering Avaya Session Border Controller for Enterprise for detailed information on WebRTC-enabled call processing. In addition to this procedure, you must also add the ASBCE STUN TURN server to Equinox Management, and then configure the STUN TURN server on the Media Server Configuration page for video media servers. For details, see Configuring the Equinox Media Server from Equinox Management in Administrator Guide for Avaya Equinox Management. Procedure 1. On the ASBCE UI, select Device Specific Settings > TURN/STUN Settings. 2. Select Add. The Modify TURN STUN Server Configuration page opens. 3. In the List Port field, enter 3478. 4. In the Media Relay Port Range field, enter the port range. 5. Configure other fields as required, and select Finish. The results display on the TURN STUN Configuration page. 6. Select Add Listen/Relay IP Pair and configure the network’s Listen IP and Media Relay IP addresses through which data will pass. 7. Save your configurations.
OTT deployment — Single IP and single FQDN for HTTP traffic Remote clients and endpoints that need to participate in conferences have to interact with multiple components through HTTPS. In a non-tunneled mode, the solution uses the ASBCE URL rewriting method to eliminate the need of multiple external public IPs, FQDNs, and certificates. With this method, guests can access a conference via a single FQDN and a single IP address, using port 443. As each FQDN needs a certificate, and there is only one FQDN to interact with, this method also allows saving on the costs of commercial certificates. URL rewriting can be used in all Equinox deployments. The URL rewriting method enables using a single FQDN and a single IP address for accessing multiple media and management servers, via port 443.
April 2018 Deploying Avaya Equinox Solution 239 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
You must set up and configure the solution components as described in the server documentation. The procedures described in this section are examples of configuration and include only a few of the settings required for the deployment. Servers and services These servers and services utilize HTTPS: • User Portal (Avaya Aura® Web Gateway server). • Equinox Conference Control (also called UCCS). • Web Collaboration Server (WCS). This example describes a centric OTT deployment, so the User Portal and Equinox Conference Control reside on the same server as Equinox Management. WCS can be a standalone server (if it provides web collaboration for a legacy Scopia® Elite 6000 MCU) or be part of the Equinox Media Server (audio or video). Multiple Web Collaboration Servers are deployed for scalability and high capacity. Each server has a unique IP address and unique FQDN. Equinox Management is doing the load balancing among the multiple WCSs. If more than one portal or UCCS are needed, they share the same IP and FQDN using an external load balancer. • Avaya Session Border Controller for Enterprise (ASBCE). Firewall traversal For Equinox Management, the client can be inside or outside the VPN. The setup requires the use of a split horizon DNS and a reverse proxy for firewall traversal. In this example, the split horizon DNS means that the internal DNS resolves wcs1.mydomain.com to 10.0.0.11, while the external DNS resolves wcs1.mydomain.com to the reverse proxy’s external leg. Thus, when the client tries to contact wcs1.mydomain.com externally, it reaches the reverse proxy. Note: For a successful deployment of the Equinox solution, it is mandatory to provision a split horizon DNS of the User Portal URL. The following table lists the details of the servers used in this example.
Table 34: Configuring IP addresses and FQDNs in internal DNS
Type of server Server IP address Server FQDN Listening port Equinox Management that 10.0.0.1 app.mydomain.com includes User Portal and Equinox Conference Control. WCS1 10.0.0.11 wcs1.mydomain.com 443 WCS2 10.0.0.12 wcs2.mydomain.com WCS3 10.0.0.13 wcs3.mydomain.com
April 2018 Deploying Avaya Equinox Solution 240 Comments on this document? [email protected] OTT deployment — Single IP and single FQDN for HTTP traffic
Table 35: Configuring IP address and FQDN in External DNS
Type of server Server IP address Server FQDN Listening port ASBCE 150.50.0.1 equinox.mydomain.com 443
Take the following into consideration: • The IP address of the ASBCE’s internal leg is set to 10.0.0.21. There is no FQDN. • The ASBCE does not support a reverse proxy where the incoming and outgoing traffic goes to the same IP address, so you must create an additional internal IP address (10.0.0.22) to be used by listeners. • You can configure the port for the User Portal and Equinox Conference Control. The User Portal actually listens to two different ports: one port for the internal traffic, and another port for the external traffic. The external traffic is a port that only the reverse proxy knows. To implement remote firewall traversal (for guests from remote organizations), all HTTPS traffic use port 443. URLs Each service uses a different path in its URL. For example, the User Portal home page is https://app.mydomain.com/portal/tenants/default/. Each service uses multiple URLs, and all URLs have the same format:
Table 36: Service prefixes
Prefix Service /acs AAWG /ups AAWG /csa AAWG /uwd/dist AAWG /notification AAWG /portal AAWG /uwd/rest UCCS /uwd/ws UCCS /viewer WCS /wcsws WCS /plugins WCS
Related links Configuring remote client access to the Unified Portal on page 242 Configuring Equinox Conference Control for OTT on page 242
April 2018 Deploying Avaya Equinox Solution 241 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Configuring web collaboration for OTT on page 243 Configuring reverse proxy for OTT on page 243
Configuring remote client access to the Unified Portal About this task Login to Equinox Management to configure client access to the User Portal. Before you begin Follow the steps in the checklist. Procedure 1. In Equinox Management, navigate to Settings > Devices > User Portal/Web Gateway. 2. Configure the following fields: • Frontend FQDN : the ASBCE FQDN (equinox.mydomain.com) • Frontend Port: 443 • Enable Web Client: check the field. 3. Select Apply. The Frontend Scheme appears on the screen, formatted as https:// equinox.mydomain.com:443/portal. Related links OTT deployment — Single IP and single FQDN for HTTP traffic on page 239
Configuring Equinox Conference Control for OTT About this task Log in to Equinox Management to configure Equinox Conference Control. Before you begin Follow the steps in the deployment checklist. Procedure 1. In the Equinox Management administrator portal, navigate to Dashboard > > Advanced Parameters. 2. In the Property Name field, enter com.visionnex.vcms.core.uccp.customizedUCCPURL 3. In the Property Value field, enter (for example) https://equinox.mydomain.com: 443/uwd/ws?ticket= 4. Select Apply.
April 2018 Deploying Avaya Equinox Solution 242 Comments on this document? [email protected] OTT deployment — Single IP and single FQDN for HTTP traffic
Related links OTT deployment — Single IP and single FQDN for HTTP traffic on page 239
Configuring web collaboration for OTT About this task Login to Equinox Management to configure client access to web collaboration. The Web Collaboration Server (WCS) is a component in the Equinox Media Server. WCS can also be used as standalone server when a Scopia® Elite 6000 MCU is deployed in the Equinox Solution. Before you begin Procedure 1. In Equinox Management, navigate to Devices > Devices by Type >
Configuring reverse proxy for OTT About this task This solution can include multiple Web Collaboration servers and the Application server (also called Equinox Management) hiding behind a single external IP and FQDN using port 443 only. Before you begin • Generate and upload a matching certificate (named equinox.mydomain.com) and create a matching server profile (named equinox_server). Generate a certificate from the CA used internally with Subject Alternate Name (SAN) for the internal leg 10.0.0.21, and create a matching client profile (call it client). • The ASBCE does not support a reverse proxy where the incoming and outgoing traffic goes to the same IP address, so you must create an additional internal IP address (10.0.0.22) to be used by listeners.
April 2018 Deploying Avaya Equinox Solution 243 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
Procedure 1. Navigate to System Management > Device Specific Settings > DMZ Services > Relay Services > Reverse Proxy. 2. Select Add to create the external Reverse Proxy Profile. Configure the following parameters: • Name: enter a descriptive name. • Listen IP: select the external media interface and the ASBCE external leg IP address (B1, 150.50.0.01). • Listen Port: enter 443. • Listen TLS Profile: select equinox_server. • Connect IP: select the internal media interface and the internal leg IP address (A1, 10.0.0.21) . • Server TLS Profile: select client. • Enable the Rewrite Rule checkbox. 3. Select Add at the bottom of the page to create an external rewriting rule for the Equinox Management Server component. For the Equinox Conference Control and User Portal/Web Gateway, configure the parameters as shown in the figure below. The system appends the parameter in the URL replace column to the server address.
Table 37: Creating external URL rewrite rules for the User Portal/Web Gateway and Equinox Conference Control — Internet to Equinox internal
Server Addresses Whitelisted URL URL replace Note app.mydomain.com: /acs /acs 8444 app.mydomain.com: /ups /ups 8444 app.mydomain.com: /csa /csa 8444 Portal app.mydomain.com: /uwd/dist /uwd/dist 8444 app.mydomain.com: /notification /notification 8444 app.mydomain.com: /portal /portal 8444 app.mydomain.com: /uwd/rest /uwd/rest 443 Equinox Conference app.mydomain.com: /uwd/ws /uwd/ws Control (UCCS) 443
April 2018 Deploying Avaya Equinox Solution 244 Comments on this document? [email protected] OTT deployment — Single IP and single FQDN for HTTP traffic
4. Select Add at the bottom of the page to create an external rewriting rule for WCS1. Configure parameters as shown in the table below. Note: Make sure to enter trailing slashes (/) in the Whitelisted URL and URL Replace columns, so the system replaces the Whitelisted URL parameter with the server address. Repeat the configuration for each WCS that is part of the deployment.
Table 38: Creating an external URL rewrite rule for WCS1 — Internet to Equinox internal
Server Addresses Whitelisted URL URL replace Note app.mydomain.com: /acs /acs 8444 app.mydomain.com: /ups /ups 8444 app.mydomain.com: /csa /csa 8444 Portal app.mydomain.com: /uwd/dist /uwd/dist 8444 app.mydomain.com: /notification /notification 8444 app.mydomain.com: /portal /portal 8444 app.mydomain.com: /uwd/rest /uwd/rest 443 Equinox Conference app.mydomain.com: /uwd/ws /uwd/ws Control (UCCS) 443 wcs1.mydomain.com: /wcs1/ / 443 wcs2.mydomain.com: /wcs2/ / Media server 443 wcs1.mydomain.com: /wcs3/ / 443 5. Select Finish to save the external rules. 6. In the Reverse Proxy tab, select Add to create the internal Reverse Proxy Profile. Configure the following parameters: • Name: enter a descriptive name. • Listen IP: select the internal media interface and the ASBCE internal leg IP address (A1, 10.0.0.22). • Connect IP: select the internal media interface and select the ASBCE internal leg IP address (A1, 10.0.0.21).
April 2018 Deploying Avaya Equinox Solution 245 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
• Configure the Listen Port, Listen TLS Profile, Server TLS Profile, and Rewrite Rule fields, as explained for the external Reverse Proxy Profile above. 7. Select Add at the bottom of the page to create an internal rewriting rule for the Equinox Management Server component. For the Equinox Conference Control and User Portal/Web Gateway, configure parameters as shown in the table below. The system appends the parameter in the URL replace column to the server address.
Table 39: Creating internal URL rewrite rules for the User Portal/Web Gateway and Equinox Conference Control — Private to Equinox internal
Server Addresses Whitelisted URL URL replace Note app.mydomain.com: /acs /acs 443 app.mydomain.com: /ups /ups 443 app.mydomain.com: /csa /csa 443 Portal app.mydomain.com: /uwd/dist /uwd/dist 443 app.mydomain.com: /notification /notification 443 app.mydomain.com: /portal /portal 443 app.mydomain.com: /uwd/rest /uwd/rest 443 Equinox Conference app.mydomain.com: /uwd/ws /uwd/ws Control (UCCS) 443 8. Select Add at the bottom of the page to create an internal rewriting rule for WCS1. Configure parameters as shown in the figure below. In the URL replace column, enter a trailing slash (/). The system replaces the whitelisted URL with the server address. Repeat the configuration for each WCS that is part of the deployment.
Table 40: Creating an internal URL rewrite rule for WCS — Private to Equinox internal
Server Addresses Whitelisted URL URL replace Note app.mydomain.com: /acs /acs 443 app.mydomain.com: /ups /ups 443 Portal app.mydomain.com: /csa /csa 443 Table continues…
April 2018 Deploying Avaya Equinox Solution 246 Comments on this document? [email protected] Configuring the ASBCE in Equinox Management
Server Addresses Whitelisted URL URL replace Note app.mydomain.com: /uwd/dist /uwd/dist 443 app.mydomain.com: /notification /notification 443 app.mydomain.com: /portal /portal 443 app.mydomain.com: /uwd/rest /uwd/rest 443 Equinox Conference app.mydomain.com: /uwd/ws /uwd/ws Control (UCCS) 443 app.mydomain.com: /wcs1/ / 443 app.mydomain.com: /wcs2/ / Media server 443 app.mydomain.com: /wcs3/ / 443 9. Select Finish to save the internal rules. Related links OTT deployment — Single IP and single FQDN for HTTP traffic on page 239
Configuring the ASBCE in Equinox Management About this task This procedure describes how to add the ASBCE to Equinox Management. In addition to this procedure, you must configure the STUN TURN Server on the Media Server Configuration page for video media servers. For details, see Configuring the Equinox Media Server from Equinox Management in Administrator Guide for Avaya Equinox Management. Important: The ASBCE must be operational (status LED is green) once it is added into Equinox Management, so the Media Server and Web Gateway can start the meeting. Procedure 1. Access the Equinox Management administrator portal. 2. Select Devices > Devices by Type > ASBCE, and select Add. The Add ASBCE page appears. 3. Configure these fields as follows: • Name: enter a name for the ASBCE server.
April 2018 Deploying Avaya Equinox Solution 247 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Over The Top solution
• IP Address: enter any of the ASBCE IP addresses. • Location: select the location of the ASBCE server. 4. Select OK. The ASBCE server displays on the ASBCEs page. 5. Select the ASBCE name in the ASBCE list and configure additional settings. The Update ASBCE page appears. 6. Configure these fields as follows: • Listen/Relay DMZ IP: enter the ASBCE server’s internal IP address (A1). • Port: enter 3478. • Listen/Relay Public IP: enter the ASBCE server’s public IP address as seen from the public Internet (B1 if public, or firewall NAT public address of B1). • Port: enter 3478. • Local SIP IP: enter the IP address of the internal interface configured for signaling on ASBCE (A1). • SIP protocol: select TLS or TCP. • SIP port: enter 5060 or 5061, depending on the protocol used. • Local HTTP IP: enter the internal address configured for the load monitoring entry (A1). • HTTP protocol: select Http or Https. • HTTP port: enter 80 or 443 depending on the protocol used. 7. Select OK.
Configuring ASBCE support of unregistered Avaya SIP endpoints Before you begin Configure the ASBCE as explained in Administering Avaya Session Border Controller for Enterprise. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. In the left navigation pane, click Global Profiles > URI Groups. The system displays the URI Groups window. 3. In the Application pane, click Add. The system displays the URI Group window.
April 2018 Deploying Avaya Equinox Solution 248 Comments on this document? [email protected] Configuring ASBCE support of unregistered Avaya SIP endpoints
4. In the Group Name field, type the name of the URI group. The group name must indicate that the URI group is for SIP calls from unregistered numbers. For example, in the Group Name field, type 97976878_Anonymous. 5. Click Next. 6. In the URI Type field, click Plain. 7. In the URI field, type anonymous@ucaas. This URI group is applied to a subscriber to allow unregistered Avaya SIP endpoints to dial a number. 8. Click Finish. 9. In the left navigation pane, click Device Specific Settings > End Point Flows. The Application pane lists the registered ASBCE security devices for which the new flow is applied. In the content area, the system displays an ordered list of call flows, Subscriber or Server, for the selected ASBCE security devices. 10. From the application pane, select the ASBCE Device for which the new Subscriber End- Point Flow will be created. The system displays the End-Point Flows screen showing the flows that are currently defined for that ASBCE device. 11. Click the Subscriber Flows tab. 12. Click Add. The system displays the Add Flow window. 13. In the Flow Name field, type the name of the endpoint flow. 14. In the URI Group field, click the URI group that you created for emergency calls from unregistered SIP endpoints. 15. In the Signaling Interface field, click the external interface for this ASBCE. 16. Click Next. 17. In the Source field, click Click To Call. 18. In the Media Interface field, click the external interface for this ASBCE. 19. In the End Point Policy Group field, click the policy for remote endpoints. 20. In the Routing Profile field, click the routing profile that is mapped to the required Session Manager. 21. Click Finish. Next steps If you need BFCP and FECC, configure these features as explained in Configuring ASBCE media interface for OTT on page 235.
April 2018 Deploying Avaya Equinox Solution 249 Comments on this document? [email protected] Chapter 13: Avaya Session Border Controller deployment for remote access in Team Engagement solution
Deployment checklist for remote access in TE This chapter describes how to configure the ASBCE for conferencing with remote Equinox Clients (Meet-me), Meetings for Web Clients (WebRTC), and Avaya approved SIP endpoints. Participants in conferences have to interact with multiple servers through HTTPS. To avoid using multiple external public IPs, FQDNS, and certificates, the solution uses ASBCE URL rewriting. The method solves this interfacing complexity by allowing guests to access a conference via a single FQDN and a single IP address, using port 443. As each FQDN needs a certificate, and there is only one FQDN to interact with, this method also allows saving on the costs of commercial certificates. URL rewriting can be used in all Equinox deployments. You must set up and configure the solution components as described in each server documentation. For a full explanation on configuring servers that are part of the deployment, download documents from the Avaya Support website at http://support.avaya.com. The procedures in this chapter describe only a few of the device settings that are required for the deployment.
No Task Link/Notes
1 Configure TLS certificates. See Configuring TLS certificates using Avaya Aura System Manager on page 252 . 2 Install TLS certificates in ASBCE. See Installing TLS certificates on ASBCE on page 253. 3 Associate a certificate with ASBCE client and server See Associating profiles. certificates with TLS client and server profiles on ASBCE on page 254. Table continues…
April 2018 Deploying Avaya Equinox Solution 250 Comments on this document? [email protected] Deployment checklist for remote access in TE
No Task Link/Notes
4 Configure ASBCE network interfaces. See Configuring ASBCE network interfaces on page 234. 5 Configure ASBCE signaling interface. See Configuring ASBCE signaling interface on page 235. 6 Configure ASBCE media interface. See Configuring ASBCE media interface for TE on page 256. 7 Configure ASBCE load monitoring. See Configuring ASBCE load monitoring for TE on page 257. 8 Configure ASBCE server flows. See Configuring ASBCE server flows for TE on page 258. 9 Configure Avaya Aura® Web Gateway. See Configuring Avaya Aura Web Gateway on page 259. 10 Configure web collaboration. See Configuring web collaboration for TE on page 267. 11 Configure the ASBCE reverse proxy rules See Configuring ASBCE for remote client access in TE on page 272. 12 Configure Avaya Aura® Device Services. See Configuring Avaya Aura Device Services on page 276. 13 Configure STUN/TURN for WebRTC. See Configuring TURN/ STUN for WebRTC in TE on page 279. 14 Configure ASBCE to support SIP calls from unregistered See Configuring ASBCE endpoints. support of unregistered Avaya SIP endpoints on page 248.
April 2018 Deploying Avaya Equinox Solution 251 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Configuring TLS certificates using Avaya Aura® System Manager About this task Refer to the guide for Administering Avaya Aura® System Manager (Release 7.0 and up) for detailed information on TLS configuration for the Team Engagement Equinox Solution. Procedure 1. Login to the System Manager. 2. Navigate to Security > Certificates > Authority. 3. Navigate to CA Structure and CRLs > Download PEM file . 4. Click Get CRL. 5. Check that the Certificate Profile (SSLServerCertificateProfile) is configured as follows: • Key Usage: Digital Signature and Key encipherment • Extended Key Usage: Server Authentication and Client Authentication 6. Navigate to Add End Entity, and configure these fields: • Username • Password • CN: FQDN of server that provides TLS support • DNS name • Certificate Profile, with appropriate key features (SSLServerCertificateProfile) • Token: P12 file 7. Click Add. 8. Navigate to Public Web. 9. Navigate to Create Keystore, and enter the Username and Password used for adding the End Entity. 10. (Optional) Click Certificate Chain, and save .crt file. 11. Set key length to 4096 bits and click Enroll. 12. Save the keystore (.p12) file. 13. Copy the keystore (.p12), trusted chain (.crt) and CRL files to the /home/ipcs/ directory on ASBCE. 14. To extract the certificate from the keystore file: type openssl pkcs12 -in filename.p12 -out filename.crt -nokeys -clcerts 15. To extract the key from the keystore file: type openssl pkcs12 -in filename.p12 - out filename.key -clcerts
April 2018 Deploying Avaya Equinox Solution 252 Comments on this document? [email protected] Installing TLS certificates on ASBCE
16. To convert .crt into PEM format: type openssl x509 -inform der -in filename.cer -out filename.pem 17. To convert .crl into PEM format: type openssl crl -inform der -in filename.crl -out filename.pem
Installing TLS certificates on ASBCE About this task Refer to the guide for Administering Avaya Session Border Controller for Enterprise for detailed information on TLS configuration for the Team Engagement Equinox Solution. Before you begin Complete the procedure listed in Configuring TLS certificates using Avaya Aura System Manager on page 252. Procedure 1. Login to the ASBCE web interface. 2. Navigate to TLS Management > Certificates. 3. Click Install and proceed as follows: • Type: CA Certificate • Name: type the name of the Certificate file. • Certificate File: select the System Manager PEM file. • Click Upload. 4. (Optional) Click Install and proceed as follows: • Type: select Certificate Revocation List • Name: type the Certificate name. • Certificate File: select the System Manager CRL PEM file. • Click Upload. 5. Click Install and proceed as follows: • Select Certificate. • Name: type the Certificate name • Certificate File: select .crt file. • Trust Chain File: select ASBCE PEM file. • Key File: select .key file (Upload Key File). • Click Upload.
April 2018 Deploying Avaya Equinox Solution 253 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
6. Repeat for all required certificates. 7. Go to directory /usr/local/ipcs/cert/key. 8. Type enc_key filenamepassphrase. 9. Restart the ASBCE server.
Associating certificates with TLS client and server profiles on ASBCE About this task This procedure explains how to create client and server profiles using previously added certificates. Refer to the guide for Administering Avaya Session Border Controller for Enterprise for detailed information on TLS configuration for the Team Engagement Equinox Solution. Procedure 1. Login to the ASBCE web interface. 2. Navigate to TLS Management > Client Profiles, and click Add. Proceed as follows: • Profile Name: enter a descriptive name (for example, AAWG Client TLS). • Certificate: select the uploaded certificate from the Certificate List. • Peer Certificate Authorities: select the CA certificate. • (Optional) Peer Certificate Revocation Lists: select the relevant CRL. • Set Verification Depth: select 1. • Leave the default settings in the other fields. • Click Next, then Finish 3. Navigate to TLS Management > Server Profiles, and click Add. Proceed as follows: • Profile Name: enter a descriptive name (for example, AAWG Server TLS). • Certificate: select the uploaded certificate from the Certificate List. • Set Verification Depth: select None. • Leave the default settings in the other fields. • Click Next, then Finish.
April 2018 Deploying Avaya Equinox Solution 254 Comments on this document? [email protected] Configuring ASBCE network interfaces
Configuring ASBCE network interfaces About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on: • System configuration • Server and network configuration • Device configuration • WebRTC-enabled call processing Procedure 1. Log in to the EMS web interface with administrator credentials. 2. Navigate to Device Specific Settings > Network Management > Network. 3. In addition to the M1, the management interface that was configured upon ASBCE installation, configure: • A1, the internal interface with at least 2 IP addresses associated to it. • B1, the external IP addresses with at least 2 IP addresses associated to it.
Configuring ASBCE signaling interface About this task Refer to the guide for Administering Avaya Session Border Controller for Enterprise for detailed information on configuring the signaling interface in the system. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. Navigate to Device Specific Settings > Signaling Interface and select Add. 3. Configure these fields as follows: • Name: enter the name for the internal signaling interface (A1). • IP Address: the network name, identified by the interface name and VLAN tag, and IP address of the ASBCE used by SIP signaling messages traversing the network. • TCP Port: enter 5060 • UDP Port: leave the field blank for a non-tunneled mode. • TLS Port: enter 5061. • TLS Profile: select the previously configured TLS profile.
April 2018 Deploying Avaya Equinox Solution 255 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Configuring ASBCE media interface for TE About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on: • Media tunneling • Media interface • Media video • End point policy groups Before you begin Verify the SBC has a self-signed certificate or CA certificate installed. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. (Media tunneling only) Navigate to Device Specific Settings > Advanced Options > Feature Control tab. Select the Media Tunneling checkbox, and select Save 3. (Media tunneling only) To create the TLS Server Profile for external media interface: a. Navigate to TLS Management > Server Profiles. b. Configure these fields: • Profile Name: enter a name. • Certificate : select the SBC’s own certificate that can be a self signed or CA certified. • Peer Verification: select Optional. • Peer Certificate Authorities: leave empty. • Peer Certificate Authorities or Peer Certificate Revocation Lists: leave empty. • Verification Depth: enter 1. • Leave other fields with their default values. c. Select Next, then Finish. 4. To configure external media interface, navigate to Device Specific Settings > Media Interface and select Add. Configure these fields: • Name: enter media interface name • IP Address: select B1 IP address, taking the following into account: - Verify it is not matched with the IP address used in the Reverse Proxy settings to redirect requests to Avaya Aura® Web Gateway (AAWG).
April 2018 Deploying Avaya Equinox Solution 256 Comments on this document? [email protected] Configuring ASBCE load monitoring for TE
- Do not use this IP address for any other interface bound to port 443 (HTTP tunneling configuration). - Do not use VLAN tag for media tunneled interface. • TLS Profle: select a TLS server profile for the media interface, if media tunneling is enabled. For self-signed certificates on the client, use the TLS server profile created for the external media interface. • Buffer Size: select the buffer size from the list containing values from 400 to 1000 in KB. • Leave other fields with their default values. 5. To configure the internal media interface, navigate to Device Specific Settings > Media Interface and select Add. Configure these fields: • Name: enter the media interface name. • IP Address: select the A1 IP address that is not matched with the IP address used to redirect requests to AAWG in the Reverse Proxy settings. • Leave other fields with their default values. 6. To enable video media, navigate to Domain Policies > Application Rules page, and clone an existing application rule or add a new one. Configure these fields: • Enable In/Out Audio/Video application types. • Configure Maximum Concurrent Sessions and Maximum Sessions Per Endpoint 7. To configure media encryption and enable BFCP and/or FECC, navigate to Domain Policies > Media Rules and clone an existing media rule or add a new one. Configure these fields: • On the Encryption tab, in the Miscellaneous section, select the Capability Negotiation checkbox. • On the Advanced tab, select the BFCP Enabled and FECC Enabled checkboxes. 8. To configure the policy group with the newly created application and media rules, navigate to Domain Policies > End Point Policy Groups and clone an existing policy group or add a new one.
Configuring ASBCE load monitoring for TE About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on load monitoring.
April 2018 Deploying Avaya Equinox Solution 257 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Procedure 1. Log in to the EMS web interface with administrator credentials. 2. Navigate to Device Specific Settings > Advanced Options > Load Monitoring . 3. Select Add to create the new load monitoring profile. 4. Configure these fields as follows: • Load Balancer Type: select INTERNAL. • Transport: select the Load Balancer protocol. • Load Balancer Port: enter 80 if TCP is used, or 443 if TLS is used. • TLS Profile: select ASBCE server profile that uses certificate with FQDN of A1 interface in SAN if TLS is used. • Listen IP: select the internal interface (A1). It can be a separate IP address or match the IP address used for signaling to AAWG. 5. Select Finish.
Configuring ASBCE server flows for TE About this task Refer to the Administering Avaya Session Border Controller for Enterprise guide for detailed information on server flows. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. To create an Interworking Profile or update an existing profile, navigate to Global Profiles > Server Interworking and select Add for a new profile. Configure these fields as follows: • For a new profile, set all options as default. • In Advanced Options > Has Remote SBC: select No (disabled). 3. To add a configuration for the AAWG server, navigate to Global Profiles > Server Configuration and select Add. Configure these fields as follows: • Server Type: select Trunk Server. • SIP domain: you can leave it blank. • TLS Client Profile: select the previously created AAWG client profile if TLS port is specified.
April 2018 Deploying Avaya Equinox Solution 258 Comments on this document? [email protected] Configuring Avaya Aura® Web Gateway
• Add the AAWG FQDN with port and specified protocol (TCP and/or TLS). Add all cluster nodes. • On Advanced Options, select the Enable Grooming checkbox and select the previously created Interworking Profile. • You can leave other settings with their default values. 4. To add a flow for an AAWG server, navigate to Device Specific Settings > End Point Flows > Server Flows and select Add. Configure these fields as follows: • Flow Name: enter a name such as AAWGFlow. • Server Configuration: select the configuration you previously created for AAWG. • Received Interface: select the internal interface (A1). • Signaling Interface: select the internal interface (A1). • Media Interface: select the external interface (B1). • Select the Endpoint Policy Group as required. • You can leave other settings with their default values.
Configuring Avaya Aura® Web Gateway The Avaya Aura® Web Gateway is an Aura server acting as a gateway to Aura for clients and applications utilizing browser based WebRTC signaling and media. The gateway is made up of the Endpoint Service Gateway (also calledWeb Gateway) and Web Portal (also called User Portal). 1. A separate User Portal device must be added for each node of the Avaya Aura® Web Gateway cluster using its respective IP address and location. 2. For the Avaya Aura® Web Gateway and Avaya Equinox® Conferencing to establish a secure connection, each must trust the Root CA that signed the other's certificates. If the System Manager signed certificates are applied in Avaya Equinox®, no further action is required on the Avaya Aura® Web Gateway. If the certificates applied in Avaya Equinox® Conferencing are signed by a third-party CA other than System Manager, you must follow the steps outlined in Adding third-party root CA certificates to the Avaya Aura® Web Gateway in the guide for Deploying Avaya Aura® Web Gateway. For more information about certificates in Avaya Equinox® Conferencing, see Administrator Guide for Avaya Equinox Management. 3. A separate User Portal device must be added for each node of the Avaya Aura® Web Gateway cluster using its respective IP address and location. Related links Certificate setup in Avaya Aura Web Gateway on page 260 Configuring the Avaya Aura® Web Gateway on Avaya Aura® Device Services on page 261
April 2018 Deploying Avaya Equinox Solution 259 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Configuring Avaya Equinox Management on Avaya Aura Web Gateway on page 261 Configuring Avaya Aura Web Gateway on Avaya Equinox Management on page 263 Configuring HTTP reverse proxy settings on Avaya Aura Web Gateway on page 264 Configuring STUN server settings on Avaya Aura Web Gateway on page 264 Adding or editing Avaya Session Border Controller for Enterprise connections on the Avaya Aura Web Gateway administration portal on page 265
Certificate setup in Avaya Aura® Web Gateway About this task If the CA that signs ASBCE and/or Equinox Management certificates does not match with the one used for AAWG, you must add the CA certificates to the AAWG trusted store. For more information on certificates, see the Deploying the Avaya Aura® Web Gateway guide. Before you begin Make sure that the Security Administrator role is configured in LDAP. Procedure 1. Login to the Administration GUI as a user with Security Administrator role assigned. 2. Navigate to Security Settings > Certificate Management > Truststore.
Figure 108: Importing a certificate to the AAWG truststore 3. Click Import. 4. In the Certificate Type field, select the format (PEM or PKCS12). 5. In the Certificate File field, browse for the CA certificate file. 6. Enter an alias name for the file. 7. Click Apply.
April 2018 Deploying Avaya Equinox Solution 260 Comments on this document? [email protected] Configuring Avaya Aura® Web Gateway
8. Restart the system as prompted. Related links Configuring Avaya Aura Web Gateway on page 259
Configuring the Avaya Aura® Web Gateway on Avaya Aura® Device Services About this task Use this procedure to add the Avaya Aura® Web Gateway FQDN to the Avaya Aura® Device Services trusted hosts and to verify HTTP client settings. Procedure 1. On the Avaya Aura® Device Services administration portal, navigate to Server Connections > Trusted Hosts and click Add. 2. In Host, type the Avaya Aura® Web Gateway FQDN. Important: Avaya Aura® Device Services requires the FQDN or IP address for each Avaya Aura® Web Gateway cluster node added to the Avaya Aura® Device Services trusted hosts list. Avaya Aura® Device Services also requires the FQDN or IP address of the Avaya Aura® Web Gateway cluster. 3. On the HTTP Clients tab, ensure that the REST and OAMP options are not set to NONE. If these options are set to NONE, then the trusted host relationship between the Avaya Aura® Web Gateway and Avaya Aura® Device Services will not work. The Avaya Aura® Web Gateway will also not be able to communicate with Avaya Aura® Device Services. Related links Configuring Avaya Aura Web Gateway on page 259
Configuring Avaya Equinox Management on Avaya Aura® Web Gateway Procedure 1. On the Avaya Aura® Web Gateway administration portal, navigate to Equinox Conferencing > Conferencing Server. 2. In Equinox Conferencing Server IP, type the Equinox Management portal server IP address.
April 2018 Deploying Avaya Equinox Solution 261 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
The system automatically populates the following SIP settings after the connection with Equinox Management is established: • FQDN • SIP Port • SIP Transport 3. Click Save. 4. To complete the portal settings, navigate to Equinox Conferencing > Unified Portal Settings. 5. In the Unified Portal Settings area, configure the settings as described in the table below.
Table 41: Unified Portal settings field descriptions
Name Description Conference Clients Specifies the set of clients that can be used by the Unified Portal to join conferences. Avaya Equinox Client Aura Video Ignore Specifies whether the Unified Portal can ignore the Avaya Equinox® videoCapable parameter. Allow Recording Guest Access Specifies whether a guest user will be able to access recordings from the Unified Portal. Allow Portal Guest Access Specifies whether a guest user will be able to access any functionality on the Unified Portal. Allow ESG Guest Access Specifies whether a guest user will be able to join meetings using the Equinox (MeetMe) Client that are launched by the Unified Portal. Web MeetMe WebRTC Browser Type Specifies the types of web browsers that are supported by Equinox Web (MeetMe) Client. Web MeetMe Data Only Browser Version Specifies which web browser types and Exclusion versions are not supported for joining a meeting Web MeetMe Data Only Browser Type in Presentation Only mode. Avaya Communicator Client Aura Domain Specifies the SIP domain of enterprise users that is required for Avaya Equinox® clients to join a meeting. Web MeetMe WebRTC Browser Version Specifies which web browser types and Exclusion versions are not supported for joining a meeting in Presentation Only mode. Web MeetMe WebRTC Browser Min Version Specifies the minimum supported browser version for the Avaya Equinox Meetings for Web (WebRTC) client. Web MeetMe Data Only Browser Min Version Specifies the minimum supported browser version to join a meeting in Presentation Only mode. Table continues…
April 2018 Deploying Avaya Equinox Solution 262 Comments on this document? [email protected] Configuring Avaya Aura® Web Gateway
Name Description Avaya Equinox Client Aura Min Version Specifies the minimum supported Avaya Equinox® version. The default value is 3.1 Avaya Equinox Client MeetMe Min Version Specifies the minimum supported Avaya Equinox® version to join a meeting in Presentation Only mode. The default value is 3.2 6. Click Save. Related links Configuring Avaya Aura Web Gateway on page 259
Configuring Avaya Aura® Web Gateway on Avaya Equinox Management About this task Add the Avaya Aura® Web Gateway server as a managed server device on Avaya Equinox Management. Procedure 1. Select Settings > Configuration and configure these fields: • Service FQDN: the fully qualified domain name (FQDN) of the service. • Local FQDN: the fully qualified domain name (FQDN) of the local user portal 2. Select Settings > Devices > User Portal. The Frontend Scheme for client connection is displayed on the page. Configure these fields: • Frontend FQDN: the FQDN in the Frontend Scheme for client connection • Frontend Port: port 443 for client connection 3. Select Apply. 4. Select Devices > Devices by Type > User Portals, and select Add. 5. Configure these fields on the page: • Name: enter a unique display name for the user portal. • IP Address: the IP Address of the AAWG server. • Location: select the location to match the AAWG location assignment on the AAWG web interface. 6. Select OK. The configured user portal appears on the User Portals page, with detailed information. Wait for a few minutes until the newly added User Portal Device indicator changes from gray to green.
April 2018 Deploying Avaya Equinox Solution 263 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Related links Configuring Avaya Aura Web Gateway on page 259
Configuring HTTP reverse proxy settings on Avaya Aura® Web Gateway About this task This section describes the configuration required to access the Avaya Aura® Web Gateway from outside the enterprise network through Avaya Session Border Controller for Enterprise, which is located at the edge of the enterprise network. Before you begin • Ensure that the front-end port for remote access has been enabled and set as required. • Use this procedure if the Avaya Aura® Web Gateway is fronted by an HTTP reverse proxy that intends to modify any aspect of the Avaya Aura® Web Gateway service access URLs, such as the FQDN, HTTP protocol, port, or base path. • Only modify these settings if the reverse proxy serves all requests to the Avaya Aura® Web Gateway. This includes requests from clients both internal and external to the enterprise. • If the reverse proxy serves only external clients, ensure that the reverse proxy’s configuration accepts requests on port 443 and proxies requests to the Avaya Aura® Web Gateway on the remote access port. In this case, skip this procedure and proceed to Configuring STUN server settings on Avaya Aura Web Gateway on page 264. Procedure 1. On the Avaya Aura® Web Gateway administration portal, navigate to External Access > HTTP Reverse Proxy. 2. In the HTTP Reverse Proxy area, update the settings if required. The default settings are automatically populated. Important: If you want to modify these settings, ensure that the HTTP reverse proxy is configured to normalize all Avaya Aura® Web Gateway requests according to the default configuration. 3. Click Save. Related links Configuring Avaya Aura Web Gateway on page 259
Configuring STUN server settings on Avaya Aura® Web Gateway About this task Use this procedure to add and prioritize STUN servers for an Avaya Aura® Web Gateway location.
April 2018 Deploying Avaya Equinox Solution 264 Comments on this document? [email protected] Configuring Avaya Aura® Web Gateway
Before you begin Ensure that the STUN or TURN server details have been configured on the collocated Avaya Aura® Media Servers. Procedure 1. To add a new STUN server, access the Avaya Aura® Web Gateway administration portal and navigate to External Access > STUN Servers. 2. Click Add and configure these fields as follows: • In Address, type the FQDN or IP address of the STUN server to be used by the HTTP based client. Important: Ensure that this IP address or FQDN is accessible to the clients. These clients might use computers that are external to the enterprise and might also require a STUN server to make a call or join a meeting. • In Port, type the port number of the STUN server to be used by the HTTP-based client. 3. Click Save. 4. To set the STUN priority, do the following: • In Web Gateway Location, select an Avaya Aura® Web Gateway location. • Option In the Assigned STUN Servers area, drag and drop the servers to rearrange them. To add a STUN server to this list, select a server from the Input STUN Servers area and click Add. To remove a STUN server from this list, select a server and click Remove. The STUN servers will serve the selected Avaya Aura® Web Gateway Web Gateway Location according to the priority set in the respective Assigned STUN Servers area. • Click Save. • Repeat the above for each location listed in Web Gateway Location. Related links Configuring Avaya Aura Web Gateway on page 259
Adding or editing Avaya Session Border Controller for Enterprise connections on the Avaya Aura® Web Gateway administration portal About this task Use this procedure to add an ASBCE to the Avaya Aura® Web Gateway administration portal. ASBCE is needed for external desktop clients. For detailed information on installing and deploying the AAWG, see the guide for Deploying the Avaya Aura® Web Gateway.
April 2018 Deploying Avaya Equinox Solution 265 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Before you begin Perform the configuration on the ASBCE administration portal as described in the guide on Deploying Avaya Aura® Web Gateway. Procedure 1. Login to the Avaya Aura® Web Gateway administration portal. 2. Navigate to the External Access > Session Border Controller page. 3. Click Add to add a new ASBCE or click Edit to update the information for an existing ASBCE connection. Configure these fields as follows: • SIP Address: enter the IP address of the internal interface configured for the Signaling Interface on ASBCE (A1). • SIP Port: enter 5060 if you are using TCP or 5061 if you are using TLS. • SIP Protocol: select TCP or TLS. • HTTP Address: enter the internal IP address configured for the load monitoring entry (A1). • HTTP Port: enter 80 if you are using HTTP or 443 if you are using HTTPS. • HTTP Protocol: select http or https. • Location: enter the ASBCE location. Note: • If ASBCEs are placed in different locations, check the location priority configuration on the Location page. • ASBCEs need to be configured only on one node in a cluster. The configuration is propagated automatically to all other nodes. 4. Select Save. After you add an ASBCE on the AAWG web administration portal, the connectivity status for that ASBCE is also displayed. The following table describes the status indicators:
Table 42: ASBCE connectivity status indicators
Icon Status ACTIVE indicates server is available and can be used for calls. To display additional status information, hover the pointer on the status icon: • Audio sessions current value/maximum allowable • Video session current value/maximum allowable • Bandwidth currently allocated on ASBCE in bytes. Table continues…
April 2018 Deploying Avaya Equinox Solution 266 Comments on this document? [email protected] Configuring web collaboration for TE
Icon Status OVERLOAD: server is overloaded with calls and can not be temporarily used.
INACTIVE: load monitoring can not be retrieved for this server. This requires to check the configuration. UNKNOWN: status of the server is not fetched yet.
Related links Configuring Avaya Aura Web Gateway on page 259
Configuring web collaboration for TE Login to Equinox Management to configure client access to web collaboration. The Web Collaboration Server (WCS) is a component in the Equinox Media Server. WCS can also be used as standalone server when a Scopia® Elite 6000 MCU is deployed in the Equinox Solution. Related links Configuring User portal access for TE on page 267 Adding the Media Server in Equinox Management on page 268 Configuring the Media Server network settings on page 269
Configuring User portal access for TE Before you begin You must set up and configure the solution components as described in the server documentation. The following procedure describes only a few of the device settings that are required for the deployment. Procedure 1. To configure client access from the User Portal, navigate to Settings > User Portal and enter the following parameters in the fields: • Frontend FQDN: the singleEquinox Management service FQDN • Frontend Port: 443 2. Select Apply . Related links Configuring web collaboration for TE on page 267
April 2018 Deploying Avaya Equinox Solution 267 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Adding the Media Server in Equinox Management Before you begin Get the following details: • Server IP address • Gatekeeper IP address (if required) • Server location, if the deployment has multiple locations. Procedure 1. Log in to Equinox Management. 2. Click Devices. 3. Click Media Servers in the left pane. Equinox Management displays the Media Servers window. 4. Click Add. Equinox Management displays the Add Media Server window. 5. Configure the following fields: • Name • IP Address • Registered To • Location
Table 43: Add Media Servers field descriptions
Name Description Name The name of the Media Server. The name is used to identify specific Media Server instances in the list of Media Servers. IP Address The management IP address configured during the installation. Registered To The drop-down list containing the registered gatekeepers. If you select None, you can add the Media Server to Equinox Management, but the Media Server will not be connected to the network. Location The location of the Media Server. The location of the Media Server is only relevant in deployments with multiple locations. Related links Configuring web collaboration for TE on page 267
April 2018 Deploying Avaya Equinox Solution 268 Comments on this document? [email protected] Configuring web collaboration for TE
Configuring the Media Server network settings Before you begin • Decide a descriptive name for the media server. • If the deployment has multiple locations, get the location of the media server instance. • If you deploy Equinox Media Server as a web collaboration gateway, get FQDN. • Get the network IP addresses of: - NTP server - DNS servers - Default gateway - SIP proxy server Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the server instance. Equinox Management opens the media server window. 3. Click the Configuration tab. 4. Configure the network settings. 5. Click Apply. 6. Select the Access tab and enter the media server's information: • Username: Enter the login username of the media server web interface login. • Password: Enter the login password of the media server web interface login
Table 44: Configuration field descriptions
Section Field name Description Basic Settings Name The name of the server instance. Enter a name that indicates the location and working mode of the media server. Location The server location in the enterprise network. This field is relevant only if there are multiples locations in the deployment. Security Displayed only for an MCU 6K device. Table continues…
April 2018 Deploying Avaya Equinox Solution 269 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Section Field name Description Select the security level for the device: • Standard • High • Maximum • Locked Public URL branch To support multiple WCS with a single public FQDN, define a public branch URL defined for each WCS. For example, enter
April 2018 Deploying Avaya Equinox Solution 270 Comments on this document? [email protected] Configuring web collaboration for TE
Section Field name Description Time Zone The time zone where the NTP server is configured. Network Settings DNS Server 1 The IP Address of the DNS server DNS Server 2 The IP Address of the backup DNS server, in the event that DNS Server 1 is not available DNS Search List Enter the short name of the DNS server when the media server searches other sites. The system searches the DNS search list for the suffix. IP Address The IP Address of the media server Note: When the device is online, you can change its IP address in this field. Subnet Mask The subnet mask of the media server. Default Gateway The default gateway of the media server. Local FQDN FQDN of the media server. The Local FQDN must be identical to the service FQDN. H.323 Settings Required Gatekeeper The gatekeeper to which you want to register the media server Current Gatekeeper This (read-only) field displays the management IP address of the gatekeeper this media server is currently registered to. In most cases, this is the same gatekeeper selected in the Required Gatekeeper field. If the current gatekeeper is not the same as the gatekeeper configured in the Required Gatekeeper field, an alarm is issued by Equinox Management. Table continues…
April 2018 Deploying Avaya Equinox Solution 271 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Section Field name Description SIP Settings SIP Proxy Server The IP Address of the SIP Proxy Server Transport Type The enabled transport type Turn/Stun Server Select the Turn/Stun Server, used for the Avaya Session Border Controller for Enterprise (ASBCE). Related links Configuring web collaboration for TE on page 267
Configuring ASBCE for remote client access in TE Remote clients and endpoints that need to participate in conferences have to interact with multiple components through HTTPS. Each component has its own IP address and FQDN. The ASBCE URL rewriting method solves this interfacing complexity by allowing guests to access a conference via a single FQDN and a single IP address, using port 443. As each FQDN needs a certificate, and there is only one FQDN to interact with, this method also allows saving on the costs of commercial certificates. URL rewriting can be used in all Equinox deployments. Servers and services These servers and services utilize HTTPS: • Avaya Aura® Web Gateway • Equinox Conference Control (also called UCCS, part of the Equinox Management Server) • Web Collaboration Server (WCS). WCS can be a standalone server (if it provides web collaboration for a legacy Scopia® Elite 6000 MCU) or be part of the Equinox Media Server (audio or video). • Avaya Session Border Controller for Enterprise (ASBCE). The server is used for its three functionalities: reverse proxy, SBC, and STUN/TURN. Note: • The ASBCE’s internal leg needs an IP address. It does not have an FQDN. • The ASBCE does not support a reverse proxy where the incoming and outgoing traffic goes to the same IP address, so you must create an additional internal IP address to be used by listeners. The numerous guests behind the firewall can access the User Portalthat listens to queries on port 443. The Equinox Management Server NGinx acts as a reverse proxy for the server and forwards the User Portal traffic to the portal’s internal port and the UCCP traffic to Equinox Conference Control. The WCS always uses port 443.
April 2018 Deploying Avaya Equinox Solution 272 Comments on this document? [email protected] Configuring ASBCE for remote client access in TE
Firewall traversal The setup requires the use of a split horizon DNS and the reverse proxy for firewall traversal, and the same URL for both internal and external calls. Note: For a successful deployment of the Equinox Solution, it is mandatory to provision a split horizon DNS of the User Portal URL. URLs Each service uses a different path in its URL. All URLs have the same format:
Configuring Equinox Conference Control for TE About this task Log in to Equinox Management to configure Equinox Conference Control. Before you begin Follow the steps in the deployment checklist. Procedure 1. In the Equinox Management administrator portal, navigate to Dashboard > > Advanced Parameters. 2. In the Property Name field, enter com.visionnex.vcms.core.uccp.customizedUCCPURL 3. In the Property Value field, enter https://
Configuring the reverse proxy rules on ASBCE in TE About this task Configure the ASBCE URL rewriting rules.
April 2018 Deploying Avaya Equinox Solution 273 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Before you begin • Generate and upload a matching certificate (name is ASBCE FQDN) and create a matching server profile (name it
Table 45: Creating external URL rewrite rules
Server Address Example Whitelisted URL URL Replace Comment rtsawg1.xxxx:8444 /portal /portal rtsawg1.xxxx:8444 /notification /notification rtsawg1.xxxx:8444 /uwd/dist /uwd/dist Portal (AAWG) rtsawg1.xxxx:8444 /ups /ups rtsawg1.xxxx:8444 /csa /csa rtsawg1.xxxx:8444 /acs /acs rtsemgr1.xxxx:443 /uwd/rest /uwd/rest Equinox Conference rtsemgr1.xxxx:443 /uwd/ws /uwd/ws Control (UCCS) Table continues…
April 2018 Deploying Avaya Equinox Solution 274 Comments on this document? [email protected] Configuring ASBCE for remote client access in TE
Server Address Example Whitelisted URL URL Replace Comment rtsems1.xxxx:443 /wcsws /wcsws WCS rtsems1.xxxx:443 /viewer /viewer
If your deployment includes multiple Media Servers, enter the following in the URL rewrite table:
Table 46: Example of URL rewrite configuration for multiple media servers
Server Address Whitelisted URL URL Replace Note Example Example rtsems1.xxxx.com:443 /ems1/ / Make sure to enter trailing rtsems2.xxxx.com:443 /ems2/ / slashes (/) so the system replaces the Whitelisted URL rtsems3.xxxx.com:443 /ems3/ / parameter with the server address. 4. Select Finish to save each external rule. 5. In the Reverse Proxy tab, select Add to create the internal Reverse Proxy Profile. Configure the following parameters: • Name: enter a descriptive name. • Listen IP: select the internal media interface and the ASBCE internal leg IP address (A1). • Connect IP: select the internal media interface and select the ASBCE internal leg IP address (A1). • Configure the Listen Port, Listen TLS Profile, Server TLS Profile, and Rewrite Rule fields, as explained for the external Reverse Proxy Profile above. 6. Select Add at the bottom of the page to create an internal rewriting rule for these devices: AAWG, Equinox Conference Control, Equinox Management, Media Server. Configure parameters as shown in the table below. The system appends the parameter in the URL replace column to the server address.
Table 47: Creating internal URL rewrite rules
Server Address Example Whitelisted URL URL Replace Comment rtsawg1.xxxx:443 /portal /portal rtsawg1.xxxx:443 /notification /notification rtsawg1.xxxx:443 /uwd/dist /uwd/dist Portal (AAWG) rtsawg1.xxxx:443 /ups /ups rtsawg1.xxxx:443 /csa /csa rtsawg1.xxxx:443 /acs /acs Table continues…
April 2018 Deploying Avaya Equinox Solution 275 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Server Address Example Whitelisted URL URL Replace Comment rtsemgr1.xxxx:443 /uwd/rest /uwd/rest Equinox Conference rtsemgr1.xxxx:443 /uwd/ws /uwd/ws Control (UCCS) rtsems1.xxxx:443 /wcsws /wcsws WCS rtsems1.xxxx:443 /viewer /viewer
If your deployment includes multiple WCS, enter the following in the URL rewrite table:
Table 48: Example of URL rewrite configuration for multiple WCS
Server Address Example Whitelisted URL URL Replace Comment Example rtsems1.xxxx:443 /ems1/ / Make sure to enter trailing slashes rtsems2.xxxx:443 /ems2/ / (/) so the system replaces the Whitelisted URL parameter with the rtsems3.xxxx:443 /ems3/ / server address. 7. Select Finish to save each internal rule. Related links Configuring ASBCE for remote client access in TE on page 272
Configuring Avaya Aura Device Services Avaya Aura® Device Services provides a set of services to Avaya Equinox® 3.0. Avaya Aura® Device Services is co-resident with Session Manager and is delivered as separate OVA. Related links Setting up a TLS link for Avaya Equinox Management on page 276 Configuring remote access on page 277 Configuring Avaya Aura Device Services in Avaya Equinox Management on page 278
Setting up a TLS link for Avaya Equinox Management About this task Avaya Equinox® certificates are signed by VeriSign and Avaya Aura® Device Services certificates are signed by System Manager. Therefore, TLS links are not established until you import both CAs to Avaya Aura® Device Services. Procedure 1. Log in to Avaya Aura® Device Services by using SSH
April 2018 Deploying Avaya Equinox Solution 276 Comments on this document? [email protected] Configuring Avaya Aura Device Services
2. Import Avaya Equinox® CAs to the Avaya Aura® Device Services truststore. Type sudo keytool –importcert –file ScopiaCA1.cer –keystore /opt/ Avaya/DeviceServices/
Configuring remote access About this task You can use the ASBCE for relaying HTTP and HTTPS traffic between Avaya Aura® Device Services enabled application clients (such as the Avaya Equinox® clients) and Avaya Aura® Device Servicess. For more information about relay services configuration in ASBCE, see Administering Avaya Session Border Controller for Enterprise. Before you begin • Because the reverse proxy or relay is configured to listen on port 443, the Override port for reverse proxy setting from the Front-end host, System Manager and Certificate Configuration menu must be set to y (yes). You must also set a value for the Front-end port for reverse proxy parameter. • HTTPS traffic relay for Avaya Aura® Device Services requires that you configure an external IP address for ASBCE.
April 2018 Deploying Avaya Equinox Solution 277 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Note: To use the remote worker functionality, you must configure one of the following: • Implement Split-Horizon DNS: Avaya recommends the use of this configuration. This configuration optimizes traffic so that clients connect to Session Manager directly on the internal network and only use ASBCE when external. • Use Public cloud model: All FQDNs or URLs must point to the reverse proxy or ASBCE. This configuration is used for cloud deployments and also for on premise deployments. By using this configuration, calls are preserved during any network transition from Wi-Fi to cellular data when the client IP address can change during an active call. • Implement for internal access only and all remote devices must use VPN: This configuration is used when a security policy is in place such that all traffic must be either internal or via VPN. The VPN solution that is deployed must have sufficient bandwidth and latency to support the expected volume of VoIP calls. Procedure 1. In the ABCE, navigate to Device Specific Settings > Relay Services. 2. In the Remote Configuration field, configure the parameters with the following values: • Remote Domain: the Avaya Aura® Device Services server domain. • Remote IP: the IP address of the Avaya Aura® Device Services server. • Remote Port: the Front-end port for reverse proxy configured during the Avaya Aura® Device Services server installation. The value must be 443. • Remote Transport: TCP. 3. In the Device Configuration field, configure the parameters with the following values: • Published Domain: the Avaya Aura® Device Services server domain. • Listen IP: the external ASBCE IP address created for Avaya Aura® Device Services relay. • Listen Port: 443. • Connect IP: the internal ASBCE IP address. • Listen Transport: TCP Related links Configuring Avaya Aura Device Services on page 276
Configuring Avaya Aura Device Services in Avaya Equinox Management About this task You can use Avaya Aura® Device Services to search for Avaya Scopia® users and terminals only when Avaya Aura® Device Services is configured in Equinox Management.
April 2018 Deploying Avaya Equinox Solution 278 Comments on this document? [email protected] Configuring TURN/STUN for WebRTC in TE
Procedure 1. Select Devices > Devices by Type > User Portals, and select Add. 2. Configure these fields on the page: • Name: Enter a unique name for the Avaya Aura® Device Services server. • IP Address: The IP Address of the Avaya Aura® Device Services server. • Location: Select the location that matches the Avaya Aura® Device Services location assignment on the Session Manager. • Secure connection between this server and Equinox Management using TLS: Select if you configured a TLS connection, as described in Setting up a TLS link for Avaya Equinox Management on page 276. 3. Select OK. The configured Avaya Aura® Device Services appears on the Avaya Aura® Device Services page, with detailed information. Wait for a few minutes until the newly added Avaya Aura® Device Services indicator changes from gray to green. Related links Configuring Avaya Aura Device Services on page 276
Configuring TURN/STUN for WebRTC in TE Avaya Session Border Controller for Enterprise relays HTTP signaling by using the Reverse Proxy feature and the media relay by using TURN Server relay functionality. Additionally, for a WebRTC call, STUN binding, STUN reflexive address discovery, and ICE connectivity checks are required. All these aspects are implemented within the TURN/STUN server functionality built into ASBCE. Related links Configuring the TURN/STUN profile for WebRTC calls on ASBCE on page 279 Configuring the TURN relay service for WebRTC calls on Avaya SBCE on page 282 Configuring TURN/STUN on Equinox Management on page 283
Configuring the TURN/STUN profile for WebRTC calls on ASBCE Before you begin In the navigation pane, click System Management and verify that the System Management page displays the following details: • The Avaya SBCE name and the management IP address. • The Element Management System (EMS) name and the management IP address. • The Status column of Avaya SBCE EMS displaying Commissioned.
April 2018 Deploying Avaya Equinox Solution 279 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Procedure 1. Log on to the EMS web interface with the administrator credentials. 2. In the navigation pane, click Device Specific Settings > TURN/STUN Service. The Application pane lists the registered Avaya SBCE security devices for which the new TURN/STUN profile is applied. In the content area, the system displays an ordered list for TURN/STUN Profiles and TURN Relay configuration, for the selected Avaya SBCE security devices. 3. From the application pane, select the Avaya SBCE Device for which the new TURN/STUN profile will be created. The system displays the TURN/STUN Service screen showing the TURN/STUN profiles that are currently defined for that Avaya SBCE device. 4. Click the TURN/STUN Profiles tab. 5. Click Add. The system displays the Add TURN STUN Profile window. 6. Enter the requested information in the appropriate fields, and click Finish to save and exit. Note: You must create and add the TURN Relay associated with that TURN/STUN profile, to save any change in existing TURN/STUN profile.
Table 49: Add TURN STUN Profile field descriptions
Name Description Profile Name Name of TURN/STUN profile. UDP Listen Port Listen port number for UDP. TCP/TLS Listen Port Listen port number for TCP/TLS. TLS Server Profile TLS server profile used for TCP/TLS listen port. Note: Ensure that at least one TLS server profile is configured in TLS Management > Server Profiles. You can configure TURN/STUN profile without any TLS Server profile, by removing the entry from TCP/TLS Listen Port field. Media Relay Port Range Port range for the media relay. This range must not overlap with the port ranges used by Avaya SBCE for other protocols such as SIP. Avaya recommends that you type the port range as 50000 to 55000. If you use a different port Table continues…
April 2018 Deploying Avaya Equinox Solution 280 Comments on this document? [email protected] Configuring TURN/STUN for WebRTC in TE
Name Description range, verify that there is no clash between other media port ranges for SIP calls. Authentication Option to enable authentication for TURN/STUN profile. Client Authentication Option to enable token based authentication for client when browser is enabled with TURN. Server Authentication Option to enable the use of static username and password for server authentication. UserName User name for server authentication. Password Password for server authentication. Confirm Password Password confirmation for server authentication. Realm Realm used for TURN server authentication. Fingerprint Option to enable fingerprint. UDP Relay Option to enable UDP relay. TCP Relay Option to enable TCP relay. From Release 7.1, the TCP relay field is available. Note: If you change the transport protocol from TCP to UDP or from UDP to TCP, the WebRTC service is affected. For any change in the transport protocol, you must restart the application. DTLS Option to enable DTLS. This field is unavailable by default. Media Learning Option to enable the learning of remote media source on TURN/STUN profile Alternate Server 1 to 3 IP address of an alternate server. The load factor on a Turn server address is configured with a load factor threshold. When the load factor threshold is exceeded, the load is redirected to an alternate Turn server address on the same Avaya SBCE or a different Avaya SBCE, when the Turn server addresses on the same Avaya SBCE reaches the load factor threshold. Related links Configuring TURN/STUN for WebRTC in TE on page 279
April 2018 Deploying Avaya Equinox Solution 281 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Configuring the TURN relay service for WebRTC calls on Avaya SBCE Before you begin In the navigation pane, click System Management and verify that the System Management page displays the following details: • The Avaya SBCE name and the management IP address • The Element Management System (EMS) name and the management IP address • The Status column of Avaya SBCE EMS displaying Commissioned • In the navigation pane, click Device Specific Settings > Network Management and configure A1 and B1 interfaces in the Networks tab. Ensure that a minimum of two IP addresses are configured in Network Management for configuring TURN relay service. Procedure 1. Log on to the EMS web interface with the administrator credentials. 2. In the navigation pane, click Device Specific Settings > TURN/STUN Service. The Application pane lists the registered Avaya SBCE security devices for which the new TURN relay profile is applied. In the content area, the system displays an ordered list for TURN/STUN Profiles and TURN Relay configuration, for the selected Avaya SBCE security devices. 3. From the application pane, select theAvaya SBCE Device for which the new TURN relay service will be created. The system displays the TURN/STUN Service screen showing the Listen IP and Media Relay IP pair for TURN/STUN profiles already created in the TURN/STUN Profiles tab that are currently defined for that Avaya SBCE device. 4. Click the TURN/STUN Relay tab. 5. Click Add. The system displays the Add TURN STUN IP Pairing window. 6. Enter the requested information in the appropriate fields, and click Finish to save and exit.
Table 50: Add TURN Relay field descriptions
Name Description Listen IP Listen IP of TURN server. Media Relay IP Media relay IP of TURN server. TURN/STUN Profile Displays the TURN/STUN profiles Related links Configuring TURN/STUN for WebRTC in TE on page 279
April 2018 Deploying Avaya Equinox Solution 282 Comments on this document? [email protected] Configuring TURN/STUN for WebRTC in TE
Configuring TURN/STUN on Equinox Management About this task Once you have added the ASBCE to Equinox Management, you can configure the TURN/STUN settings. Before you begin The settings you configure on Equinox Management must match with those configured on ASBCE. Procedure 1. Select Devices > Devices by Type > ASBCE. 2. Select the link in the Name column for the ASBCE for which you want to configure additional settings. The Update ASBCE page appears. 3. Enter the relevant values in the Turn/Stun fields, as described in the following table.
Table 51: Turn/Stun Fields
Field Names Description User Name The username of the TURN/STUN server. Password The password of the TURN/STUN server. Listen/Relay DMZ IP By default, the Management server IP address displays. Modify to be the ASBCE server’s external IP address. Port The port number of the Listen/Relay DMZ IP. Listen/Relay Public IP By default, the management server IP address displays. Modify to be the ASBCE server’s public IP address. Port The port number of the Listen/Relay Public IP. Local SIP IP The local IP address of the SIP server SIP Protocol The SIP server protocol, either TCP or TLS. SIP Port The port number of the SIP server. Local HTTP IP The IP address of the HTTP server. HTTP Protocol The HTTP server protocol, either HTTP or HTTPS. HTTP Port The port number of the HTTP server. Check status IP The IP address of the internal interface. Check status protocol The protocol of the internal interface, either HTTP or HTTPS. 4. Select OK.
April 2018 Deploying Avaya Equinox Solution 283 Comments on this document? [email protected] Avaya Session Border Controller deployment for remote access in Team Engagement solution
Note: The ASBCE status must be green to ensure that the Media Server and Web Collaboration Server work properly. Related links Configuring TURN/STUN for WebRTC in TE on page 279
Configuring ASBCE support of unregistered Avaya SIP endpoints Before you begin Configure the ASBCE as explained in Administering Avaya Session Border Controller for Enterprise. Procedure 1. Log in to the EMS web interface with administrator credentials. 2. In the left navigation pane, click Global Profiles > URI Groups. The system displays the URI Groups window. 3. In the Application pane, click Add. The system displays the URI Group window. 4. In the Group Name field, type the name of the URI group. The group name must indicate that the URI group is for SIP calls from unregistered numbers. For example, in the Group Name field, type 97976878_Anonymous. 5. Click Next. 6. In the URI Type field, click Plain. 7. In the URI field, type anonymous@ucaas. This URI group is applied to a subscriber to allow unregistered Avaya SIP endpoints to dial a number. 8. Click Finish. 9. In the left navigation pane, click Device Specific Settings > End Point Flows. The Application pane lists the registered ASBCE security devices for which the new flow is applied. In the content area, the system displays an ordered list of call flows, Subscriber or Server, for the selected ASBCE security devices. 10. From the application pane, select the ASBCE Device for which the new Subscriber End- Point Flow will be created.
April 2018 Deploying Avaya Equinox Solution 284 Comments on this document? [email protected] Configuring ASBCE support of unregistered Avaya SIP endpoints
The system displays the End-Point Flows screen showing the flows that are currently defined for that ASBCE device. 11. Click the Subscriber Flows tab. 12. Click Add. The system displays the Add Flow window. 13. In the Flow Name field, type the name of the endpoint flow. 14. In the URI Group field, click the URI group that you created for emergency calls from unregistered SIP endpoints. 15. In the Signaling Interface field, click the external interface for this ASBCE. 16. Click Next. 17. In the Source field, click Click To Call. 18. In the Media Interface field, click the external interface for this ASBCE. 19. In the End Point Policy Group field, click the policy for remote endpoints. 20. In the Routing Profile field, click the routing profile that is mapped to the required Session Manager. 21. Click Finish. Next steps If you need BFCP and FECC, configure these features as explained in Configuring ASBCE media interface for OTT on page 235.
April 2018 Deploying Avaya Equinox Solution 285 Comments on this document? [email protected] Chapter 14: Equinox H.323 Edge deployment
Equinox H.323 Edge overview Avaya Equinox H.323 Edge provides a complete firewall and NAT traversal solution and support for secure connectivity between enterprise networks and remote locations. Note: Equinox H.323 Edge is an optional component. Equinox H.323 Edge is required when you need to connect remote H.323–based video conferencing endpoints to an Avaya Equinox solution conference through firewalls. Equinox H.323 Edge is part of the Avaya Equinox solution. Components of Avaya Equinox can be combined to fit the existing network topology and video conferencing requirements of the enterprise. Equinox H.323 Edge is an optional Avaya Equinox solution component which is deployed in Over The Top and Team Engagement deployments. Equinox H.323 Edge is deployed in network DMZs when enterprises need H.323–based calls to traverse the network firewall. Equinox H.323 Edge is also deployed in multi-tenant deployments when service providers need to connect the remotely-located H.323–based endpoints of tenants with the Avaya Equinox solution deployment of the service providers. Equinox H.323 Edge maintains the security and advantages of firewall and NAT over heterogeneous video networks and supports seamless integration with existing video endpoints and infrastructure components.
April 2018 Deploying Avaya Equinox Solution 286 Comments on this document? [email protected] Equinox H.323 Edge virtual server deployment checklist
Equinox H.323 Edge uses the H.460 protocol. H.460–compliant endpoints can directly communicate with Equinox H.323 Edge. The endpoints act as H.460 clients and Equinox H.323 Edge acts as an H.460 server. Endpoints in private networks can communicate with the endpoints in public networks through Equinox H.323 Edge. Endpoints in public networks can join conferences hosted in private networks through Equinox H.323 Edge if there is an open connection through the firewall. H.323 Gatekeeper provides standalone address resolution functionality in H.323–based networks. Equinox H.323 Edge supports static addresses for external endpoints for conferences hosted on the enterprise network. Users located outside the enterprise firewall can join conferences using addresses such as [email protected] , while users with endpoints logged in to Equinox H.323 Edge can directly dial numbers such as 1234 to join conferences.
Equinox H.323 Edge virtual server deployment checklist
# Action Link/Notes
1 Download the Equinox H.323 Edge See Downloading software from software from PLDS PLDS on page 46 2 Deploy the Equinox H.323 Edge virtual See Deploying the Equinox H.323 Edge server virtual server on page 294 3 Start the Equinox H.323 Edge virtual See Starting the Equinox H.323 Edge server virtual server on page 295 4 Configure the Equinox H.323 Edge virtual See Configuring the virtual machine server automatic startup settings automatic startup settings on page 295
April 2018 Deploying Avaya Equinox Solution 287 Comments on this document? [email protected] Equinox H.323 Edge deployment
Equinox H.323 Edge initial configuration checklist
No. Task Link/Notes
1 (Optional) Add more networks to the Adding networks to Equinox H.323 Equinox H.323 Edge. Edge on page 296 2 Add Equinox H.323 Edge as a device in Adding Equinox H.323 Edge in Equinox Equinox Management Management on page 298 3 (Optional) Configure IP separation of the Configuring IP separation in Equinox internal and external network traffic on the Management on page 298 Equinox H.323 Edge virtual server. 4 Configure the ports on Equinox H.323 Configuring Ports on Equinox H.323 Edge. Edge on page 299 5 Configure the gatekeeper . Integrating with the gatekeeper on page 301 6 Configure NAT. Integrating with NAT on page 302 7 Configure the NTP server. Configuring the NTP server on page 303 8 Configure access to calls to H.323 legacy Configuring access for calls to H.323 endpoints. legacy endpoints on page 304 9 Configure URI-based dialing. URI Dialing Functionality on page 305 10 Configure IP address-based dialing. Configuring IP address-based dialing to external endpoints on page 308 11 Secure the connection with Equinox Securing the connection with Equinox Management. Management using TLS on page 313 12 Update the Equinox H.323 Edge license Adding or updating licenses on page 313 13 Configure remote access to administer Configuring remote access on page 314 Equinox H.323 Edge from Equinox Management. 14 Configure QoS. Configuring QoS for audio and video on page 315 15 (Optional) Create Equinox H.323 Edge Creating an Equinox H.323 Edge server server clusters to optimize the server use Cluster on page 316 without load balancers.
Technical specifications of Equinox H.323 Edge
Requirement Specification Communications • H.323 • IPv4 Table continues…
April 2018 Deploying Avaya Equinox Solution 288 Comments on this document? [email protected] Ports configuration
Requirement Specification • Bit rate: up to 4Mbps per call Call capacity • Up to 120 concurrent calls • Up to 720 registered devices Hardware load balancers for clusters • Radware AppDirector 208 Load-balancers are optional. Load balancers are • Radware AppDirector 1000 needed only when you cannot configure dual NIC • F5 BIG-IP Load Traffic Manager 1600 Series virtual machines to use the built-in virtual machine clustering mechanism. Firewall traversal • H.460.18, H.460.19 including support for multiplexed media • Direct Public Access (DPA) solution for direct communication between internal endpoints in the internal network and external ones in the public network. • If the remote system has Equinox H.323 Edge Client, you can send the communications data securely through the firewall by establishing a route for the data through Equinox H.323 Edge Client Security H.235 for call privacy in all traversal modes, such as H.460, tunneling, and DPA
Ports configuration Equinox H.323 Edge is Equinox Solution’s answer to firewall traversal. Equinox H.323 Edge is an H.460 server, typically deployed in the DMZ, while Equinox H.323 Edge Client is a tunneling client, typically deployed outside the enterprise firewall alongside the remote H.323 endpoint (see Figure 109: H.323 connections to Equinox H.323 Edge on page 290). Many recent H.323 endpoints have built-in H.460 functionality (which enables secure communication), thereby avoiding the need for Equinox H.323 Edge Client. If an H.323 endpoint located in a partner company does not have H.460 capabilities, it must communicate via Equinox H.323 Edge Client to access Equinox H.323 Edge in the DMZ (see Figure 109: H.323 connections to Equinox H.323 Edge on page 290). Important: There must be no firewall between the H.323 endpoint (device) and Equinox H.323 Edge Client. An H.323 endpoint in the public network can also directly dial Equinox H.323 Edge using direct port access (ports 4000-5000).
April 2018 Deploying Avaya Equinox Solution 289 Comments on this document? [email protected] Equinox H.323 Edge deployment
Figure 109: H.323 connections to Equinox H.323 Edge
When opening ports to and from Equinox H.323 Edge, use the following as a reference: • If opening ports that are both to and from Equinox H.323 Edge, see Table 52: Bidirectional Ports to Open Equinox H.323 Edge on page 291. • If opening ports that are both to and from Equinox H.323 Edge Client, see Table 53: Bidirectional Ports to Open on the Equinox H.323 Edge Client on page 292. Important: In order for an H.323 endpoint (or other H.323 device) within the enterprise to successfully connect to Equinox H.323 Edge in the DMZ via the enterprise firewall (see Figure 110: Contacting Equinox H.323 Edge from within the enterprise on page 291), you must do the following: • Install Equinox H.323 Edge Client within the enterprise or use H.460-enabled endpoints. • Open the internal firewall to Equinox H.323 Edge (12000 to 15000, bidirectional).
April 2018 Deploying Avaya Equinox Solution 290 Comments on this document? [email protected] Ports configuration
Figure 110: Contacting Equinox H.323 Edge from within the enterprise
Important: The specific firewalls to open ports depends on where Equinox H.323 Edge Client and other Avaya Equinox Solution components are deployed.
Table 52: Bidirectional Ports to Open Equinox H.323 Edge
Port Range Protocol Source Functionality Result of Required Blocking Port 53 DNS (UDP) DNS server Enables querying Cannot support Mandatory if the DNS for domain name calls using URI dialing domains per call and dialing by URI 1719 UDP H.460.18–based Enables registration H.460.18–based Mandatory for H. endpoint or H. of H.460–based endpoints cannot 460–based 460.18–based endpoints register through endpoints client gatekeeper Equinox H.323 Edge 1720 TCP Any H.323 Enables IP call No signaling Mandatory if in device using Q. signaling capabilities: guest DPA mode 931 signaling in users cannot dial DPA mode into internal endpoints 2776 TCP, UDP H.460.18 Enables H.460.18 Firewall traversal Mandatory for H. endpoint/ H. Call Signaling, H. function based on 460 endpoints 460.18 client 460.19 Multiplex H.460.18 and H. gatekeeper Media Channel 460.19 cannot function. 2777 TCP, UDP H.460.18 Enables H.460.18 H.460.18 Mandatory for H. endpoint/ H. and H.460.19 Call endpoints cannot 460 endpoints Control, H.460.19 set up Call Control Table continues…
April 2018 Deploying Avaya Equinox Solution 291 Comments on this document? [email protected] Equinox H.323 Edge deployment
Port Range Protocol Source Functionality Result of Required Blocking Port 460.18 client Multiplex Media channels or logical gatekeeper Control Channel channels. Firewall traversal function based on H.460.18 and H.460.19 cannot function. 3089 TCP, UDP Equinox H.323 Enables signaling If the TCP port is Mandatory if Edge Client and media traversal blocked, Equinox using Equinox H. H.323 Edge Client 323 Edge Client cannot connect to Equinox H.323 Edge. Legacy H. 323 endpoints behind the Equinox H.323 Edge Client cannot call external endpoints. If the UDP port is blocked, Equinox H.323 Edge Client can only traverse media via TCP. 4000-5000 TCP, UDP Any H.323 Enables Direct Cannot setup/ Mandatory if in device using Q. Public Access connect DPA mode DPA mode 931 signaling in (DPA) for H.323 call calls To limit range, DPA mode signaling, control see Configuring and media traversal the TCP/UDP port range for H. 323 Direct Public Access calls on page 299 8089 XML (TCP) XML API Client Enables managing The External Optional Equinox H.323 Management Edge via XML API System cannot get Equinox H.323 Edge status or receive traps from Equinox H.323 Edge
Table 53: Bidirectional Ports to Open on the Equinox H.323 Edge Client
Port Range Protocol Source Functionality Result of Required Blocking Port 3478 STUN (UDP) STUN server Enables an endpoint Equinox H.323 Recommended located in the Edge Client remote network to cannot
April 2018 Deploying Avaya Equinox Solution 292 Comments on this document? [email protected] Equinox H.323 Edge virtual server deployment
Port Range Protocol Source Functionality Result of Required Blocking Port send a STUN determine its Binding Request public IP when connecting to address. Smart another endpoint in Direct Media the same network Connect cannot function.
Important: If there is a firewall between the H.323 client and the Equinox H.323 Edge Client, all high ports must be opened in both directions (1024-65535). We therefore recommend no firewall between the endpoint and the Equinox H.323 Edge Client.
Equinox H.323 Edge virtual server deployment
Downloading software from PLDS When you place an order for an Avaya PLDS-licensed software product, PLDS creates the license entitlements of the order and sends an email notification to you. The email includes a license activation code (LAC) and instructions for accessing and logging into PLDS. Use the LAC to locate and download the purchased license entitlements. In addition to PLDS, you can download the product software from http://support.avaya.com using the Downloads and Documents tab at the top of the page. Note: Only the latest service pack for each release is posted on the support site. Previous service packs are available only through PLDS. Procedure 1. Enter http://plds.avaya.com in your Web browser to access the Avaya PLDS website. 2. Enter your login ID and password. 3. On the PLDS home page, select Assets. 4. Click View Downloads. 5. Click on the search icon (magnifying glass) for Company Name. 6. In the %Name field, enter Avaya or the Partner company name. 7. Click Search Companies. 8. Locate the correct entry and click the Select link.
April 2018 Deploying Avaya Equinox Solution 293 Comments on this document? [email protected] Equinox H.323 Edge deployment
9. Enter the Download Pub ID. 10. Click Search Downloads. 11. Scroll down to the entry for the download file and click the Download link. 12. In the Download Manager box, click the appropriate download link. Note: The first link, Click to download your file now, uses the Download Manager to download the file. The Download Manager provides features to manage the download (stop, resume, auto checksum). The click here link uses your standard browser download and does not provide the download integrity features. 13. If you use Internet Explorer and get an error message, click the install ActiveX message at the top of the page and continue with the download. 14. Select a location where you want to save the file and click Save. 15. If you used the Download Manager, click Details to view the download progress.
Deploying the Equinox H.323 Edge virtual server About this task The Equinox H.323 Edge virtual server software for VMware is available in the .OVA package format. You can install the OVA file using vSphere Client. The virtual server configuration file and virtual disk files are stored on a data store. The data store can be local to the host or a mounted shared storage, such as NFS or SAN. If multiple virtual machine networks are configured on the host ESXi server, the wizard prompts you to associate networks specified in the OVA with networks available on the host. Procedure 1. Log in to vSphere Client. 2. Select the host ESXi server to deploy the Equinox H.323 Edge virtual server. If you do not choose a host before deploying the OVA, vSphere Client prompts you for the host or cluster name to deploy the virtual server. 3. Click File > Deploy OVF Template. 4. Do one of the following: • Click Browse and provide the Equinox H.323 Edge OVA file location. • In the Deploy from a file or URL field, enter the full URL of the HTTP server where the Equinox H.323 Edge OVA file is located. 5. Click Next to display the OVF Template Details window. 6. Verify the details of the OVA template, and click Next. 7. Read the license agreement, and click Accept.
April 2018 Deploying Avaya Equinox Solution 294 Comments on this document? [email protected] Equinox H.323 Edge virtual server deployment
8. Click Next. 9. In the Name field, enter the name of the new virtual server. 10. Click Next to display the Disk Format window. 11. Select Thick Provision. 12. Click Next to display the Ready to Complete window. 13. Verify the deployment settings. If you need to modify any of the settings, use the Back option. 14. Click Finish. Result 1. vSphere Client starts the Equinox H.323 Edge virtual server deployment. 2. After completing the deployment, in the Recent Tasks window, vSphere Client updates the status of the Deploy OVT Template task to Completed.
Starting the Equinox H.323 Edge virtual server Before you begin Deploy the Equinox H.323 Edge virtual server. Procedure 1. Log in to vSphere Client. 2. Click Inventory. 3. Click Virtual Machine > Power > Power On. The Equinox H.323 Edge virtual server starts.
Configuring the virtual machine automatic startup settings About this task When a vSphere ESXi host restarts after a power failure, the virtual machines that are deployed on the host do not start automatically. You must configure the virtual machines to start automatically. In high availability (HA) clusters, the VMware HA software ignores the startup selections. Before you begin Verify with the system administrator that you have the proper level of permissions to configure the automatic startup settings.
April 2018 Deploying Avaya Equinox Solution 295 Comments on this document? [email protected] Equinox H.323 Edge deployment
Procedure 1. In the vSphere Client inventory, select the host where the virtual machine is located. 2. Click the Configuration tab. 3. In the Software section, click Virtual Machine Startup/Shutdown. 4. Click Properties in the upper-right corner of the screen. 5. In the System Settings section, select Allow virtual machines to start and stop automatically with the system. 6. In the Manual Startup section, select the virtual machine. 7. Use the Move up button to move the virtual machine to the Automatic Startup section. 8. Click OK.
Equinox H.323 Edge initial configuration
Adding networks to Equinox H.323 Edge About this task Add more networks to Equinox H.323 Edge to configure IP separation for the external and internal networks. You can also use this procedure to configure separate subnets for different networks. This procedure is relevant only if you have a dual NIC deployment of Equinox H.323 Edge. Before you begin Connect a network cable to the second NIC of the host server. Procedure 1. Log in to vSphere Client. 2. In the vSphere Client inventory, select the host where you deployed Equinox H.323 Edge. 3. Click the Configuration tab. 4. In the Hardware section, click Networking .
April 2018 Deploying Avaya Equinox Solution 296 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
5. Click Add Networking....
VSphere Client displays the Add Networking Wizard window. 6. In Connection Type, select Virtual Machine, and click Next. 7. In Network Access, select the vSwitch corresponding to the second NIC of the host server, and click Next.
8. In Connection Settings, configure the following fields: • Network Label • VLAN ID (Optional): If you do not have a VLAN ID, select None. 9. Click Next. 10. In Summary, verify the configuration, and click Finish.
April 2018 Deploying Avaya Equinox Solution 297 Comments on this document? [email protected] Equinox H.323 Edge deployment
Result vSphere Client adds another network to the host server. Next steps 1. Add the Equinox H.323 Edge instance in Equinox Management for the eth0 interface. 2. Configure IP separation in Equinox Management.
Adding Equinox H.323 Edge in Equinox Management About this task Manage Equinox H.323 Edge using Equinox Management. Before you begin Get the IP address of the Equinox H.323 Edge eth0 interface. Procedure 1. Log in to Equinox Management. 2. Click Devices. 3. Click H.323 Edge Servers in the left pane. Equinox Management displays the Equinox H.323 Edge server window. 4. Click Add. Equinox Management displays the Add Equinox H.323 Edge server window. 5. Configure the following fields: • Name • IP Address 6. Click OK. Result Equinox Management adds the Equinox H.323 Edge instance as a device.
Configuring IP separation in Equinox Management About this task Configure a different IP address and subnet for the second virtual NIC of Equinox H.323 Edge to process the external traffic. Before you begin Configure vSwitches in vSphere Client.
April 2018 Deploying Avaya Equinox Solution 298 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. Equinox Management opens the Equinox H.323 Edge instance window. 3. Click the Configuration tab. 4. In the Network Settings section, click NIC Settings. Equinox Management displays the NIC Settings window. 5. Configure the following:
Internal NIC External NIC IP Address: The IP address of the eth0 External NIC: Select to enable dual NIC. interface. Subnet Mask IP Address: The IP address of the eth1 interface. Gateway Subnet Mask Local FQDN Gateway Result Equinox Management configures dedicated NICs for the external and internal network traffic. Next steps In a dual NIC configuration, the internal NIC can connect only to its subnet. You must configure static routes between the internal NIC and other subnets.
Configuring Ports on the Equinox H.323 Edge server This section provides instructions of how to configure the following ports and port ranges on the Avaya Equinox H.323 Edge server: Related links Configuring the TCP/UDP port range for H.323 Direct Public Access calls on page 299 Configuring the TCP/UDP port range on the internal interface on page 300 Configuring the TCP/UDP port range for H.323 Direct Public Access calls About this task Equinox H.323 Edge has a port range of 4000 to 5000 ports designated for H.323 Direct Public Access. Using H.323 Direct Public Access, non-H.460 public endpoints can call internal endpoints without being registered to Equinox H.323 Edge. To add more security to your firewall, you can limit the port range for H.323 Direct Public Access.
April 2018 Deploying Avaya Equinox Solution 299 Comments on this document? [email protected] Equinox H.323 Edge deployment
To calculate the number of ports Equinox H.323 Edge uses, multiply the number of simultaneous Direct Public Access calls by 10. The multiplication factor is lower for audio-only calls and higher for calls with dual video. Use 10 as an approximate multiplication factor. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. 3. Click Configuration. 4. In Direct Public Access, select Enabled. 5. Type the values in the following fields: • Default Extension • Port Range Minimum Port • Port Range Maximum Port 6. Click Apply. Equinox Management displays a confirmation message. 7. Click Yes. Related links Configuring Ports on the Equinox H.323 Edge server on page 299 Configuring the TCP/UDP port range on the internal interface About this task Equinox H.323 Edge has a port range of 12000 to 15000 ports designated for H.323–based calls to the internal interface. To add more security to your firewall, you can limit the port range for H. 323 calls. To calculate the number of ports Equinox H.323 Edge uses, add the two figures that you get by the following methods: • Multiply the number of simultaneous H.323 calls by 10. The multiplication factor is lower for audio-only calls and higher for calls with dual video. Use 10 as an approximate multiplication factor. • Count one port for each endpoint registration. For example, if you have 100 endpoints, count 100 ports. You must restart Equinox H.323 Edge after you modify the port range. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. 3. Click Configuration.
April 2018 Deploying Avaya Equinox Solution 300 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
4. In Internal Communication, change the port range in the following fields: • Internal Port Range Minimum Port • Internal Port Range Maximum Port Select a port range between 12000 to 15000. The maximum port range is from 9000 to 65535. The port range requires a minimum range of 300 ports. 5. Click Apply. Equinox Management displays a confirmation message. 6. Click Yes. Next steps Restart Equinox H.323 Edge Related links Configuring Ports on the Equinox H.323 Edge server on page 299
Integrating the Equinox H.323 Edge server with Other Equinox Solution Components Your Avaya Equinox H.323 Edge server is part of the Equinox Solution and must be integrated with other components: Related links Integrating Equinox H.323 Edge with H.323 Gatekeeper on page 301 Integrating Equinox H.323 Edge with NAT on page 302 Integrating Equinox H.323 Edge with H.323 Gatekeeper About this task The integration of Equinox H.323 Edge and H.323 Gatekeeper supports the communication between endpoints from external networks and endpoints in the internal network. You need to configure the IP address of H.323 Gatekeeper in Equinox H.323 Edge. The external endpoints can be endpoints that are compliant with H.323 and H.460. Conference participants dial in to call using IP addresses, URI, or the E.164 number. For example, dialing in to conferences using URI involves the gatekeeper resolving the host name, such as [email protected] or [email protected], with the IP address of the endpoint being used. When the URI address contains a destination to an external network, Equinox H.323 Edge and H.323 Gatekeeper work together to resolve the URI address. Note: In the settings of the gatekeeper, add the IP address of Equinox H.323 Edge at port 1719 as the gatekeeper's neighbor, as described in Configuring URI-based dialing to external endpoints on page 306.
April 2018 Deploying Avaya Equinox Solution 301 Comments on this document? [email protected] Equinox H.323 Edge deployment
Before you begin Get the IP address of the H.323 Gatekeeper. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select Equinox H.323 Edge instance. 3. Click the Configuration tab. 4. In the Gatekeeper Settings section, enter gatekeeper address and port in the following fields: • Gatekeeper Address • Gatekeeper Port Related links Integrating the Equinox H.323 Edge server with Other Equinox Solution Components on page 301 Integrating Equinox H.323 Edge with NAT About this task If the external NIC of Equinox H.323 Edge uses a private IP address to communicate with endpoints in external networks, enable NAT traversal. Do not enable NAT traversal if the external NIC communicates with the Internet by using a public IP address. Before you begin Get the NAT traversal IP address. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. Equinox Management opens the Equinox H.323 Edge instance window. 3. Click the Configuration tab. 4. Click Basic Settings. 5. In the NAT Support section, do the following: a. Select Enabled. b. Enter the IP address in Public IP Address. Next steps In the firewall or NAT device, verify that the NAT address is mapped to the private IP address of the external NIC of Equinox H.323 Edge. Related links Integrating the Equinox H.323 Edge server with Other Equinox Solution Components on page 301
April 2018 Deploying Avaya Equinox Solution 302 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
Configuring the NTP server Before you begin Get the IP address of the NTP server. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. Equinox Management opens the Equinox H.323 Edge instance window. 3. Click the Configuration tab. 4. Click Network Settings. 5. In NTP Settings section, do the following: a. NTP Server Address: Type the IP address of the NTP server. b. Time Zone: Select the time zone. 6. Click Apply.
Calls between internal and external endpoints Calls between internal endpoints of enterprises and external endpoints are established using the IP address or URI of external endpoints. The call establishment using IP addresses and URI includes the following sequence. 1. Dialing and connecting to external endpoints 2. Entering the pound (#) symbol 3. Entering the meeting ID If an external endpoint is registered in Equinox H.323 Edge, calls to the endpoint can also be established using the E.164 number. Usually, external endpoints are not registered in the gatekeeper, so the gatekeeper must forward call requests to external endpoints in other networks to Equinox H.323 Edge to process and establish the call. You must configure Equinox H.323 Edge and H.323 Gatekeeper to support IP-based and URI- based dialing. Related links Configuring access for calls to H.323 video endpoints on page 304 URI-based dialing on page 305 Configuring URI-based dialing to external endpoints on page 306 Configuring IP address-based dialing to external endpoints on page 308
April 2018 Deploying Avaya Equinox Solution 303 Comments on this document? [email protected] Equinox H.323 Edge deployment
Configuring access for calls to H.323 video endpoints About this task Direct Public Access supports a direct connection to Equinox H.323 Edge for calls to external endpoints. To set up this connection, you need to configure: • Equinox H.323 Edge to process H.323 calls. • H.323 Gatekeeper to Equinox H.323 Edge instances to process the routing of the calls. For more information about configuring H.323 Gatekeeper, see Reference Guide for H.323 Gatekeeper. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. 3. Click the Configuration tab. 4. In the Direct Public Access section, select Enabled. 5. Enter the direct line extension number and the port range in the following fields: • Default Extension • Port Range Minimum Port • Port Range Maximum Port
Field Description Port Range Define the range of ports used for direct H.323 calls in the field. Important: If the external NIC of the Equinox H.323 Edge server is located behind a firewall, this range of port must also be opened in the firewall, as well as port 1720 for H.323 signaling. Default Extension Enter the default extension that you usually configure to the MCU IVR (Interactive Voice Response). Equinox H.323 Edge redirects a call to the default extension when the endpoint dials only the server's IP address without any extension. 6. Click Apply. Equinox Management displays a confirmation message. 7. Click Yes. Related links Calls between internal and external endpoints on page 303
April 2018 Deploying Avaya Equinox Solution 304 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
URI-based dialing The Avaya Equinox solution supports URI-based dialing, which is a dialing format to call and receive calls from external endpoints. URI is an address format where the address consists of the endpoint's name or number, followed by the domain name of the server to which the endpoint is registered, such as
April 2018 Deploying Avaya Equinox Solution 305 Comments on this document? [email protected] Equinox H.323 Edge deployment
Related links Calls between internal and external endpoints on page 303 Configuring URI-based dialing to external endpoints About this task Callers can establish calls to endpoints using the IP address, URI, or the E.164 number of endpoints. Configure Equinox H.323 Edge to accept H.323–based calls and forward them. You also need to configure internal gatekeeper of Equinox Management to define one or more instances of Equinox H.323 Edge as the neighbor of the internal gatekeeper to establish routes for the H.323–based calls. The internal gatekeeper of Equinox Management forwards URI-based calls from internal endpoints to external endpoints in another enterprise through Equinox H.323 Edge. The internal gatekeeper must also forward the URI-based calls from external endpoints through Equinox H.323 Edge because external endpoints are not registered to the internal gatekeeper. The external endpoints can be H.323–based and H.460–based. If the enterprise deployment has multiple Equinox H.323 Edge instances, which includes several servers deployed as one server behind a load balancer, perform this procedure for each Equinox H.323 Edge instance.
April 2018 Deploying Avaya Equinox Solution 306 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
Before you begin • Configure Direct Public Access on Equinox H.323 Edge for calls to H.323–based endpoints. Using Direct Public Access, internal endpoints can call external H.323–based endpoints that do not support H.460. If you are configuring multiple Avaya Equinox H.323 Edges, with or without a load balancer, do this for each Avaya Equinox H.323 Edge. • Integrate Equinox H.323 Edge with the H.323 gatekeeper to enable external endpoints to communicate with internal endpoints. • Get the IP address of the Equinox H.323 Edge internal NIC. If you are configuring multiple Avaya Equinox H.323 Edges, with or without a load balancer, do this for each Avaya Equinox H.323 Edge. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. Equinox Management opens the Equinox H.323 Edge instance window. 3. On the Info tab, note the IP address and port number in Public Access Proxy Address. 4. Click the Configuration tab. 5. Configure the following fields in the URI Dialing Settings section: • Local Domain Name • Strip Domain Name 6. Click Settings. 7. On the left pane, under System Preferences, click Local Services. Equinox Management displays the Local Services page. 8. Click H.323 Gatekeeper. Equinox Management displays the internal H.323 gatekeeper page. 9. Click Neighbors > Add. Equinox Management displays the Add Neighbors window. 10. Configure the following fields: • Prefix: Keep this field empty. • Description • IP Address: The IP address of the internal NIC of Equinox H.323 Edge • Port: 1719 11. Click OK. 12. Click Apply.
April 2018 Deploying Avaya Equinox Solution 307 Comments on this document? [email protected] Equinox H.323 Edge deployment
Result Equinox Management adds Equinox H.323 Edge as a neighbor of the internal gatekeeper. Related links Calls between internal and external endpoints on page 303 Configuring IP address-based dialing to external endpoints About this task Callers can establish calls to endpoints using the IP address, URI, or the E.164 number of endpoints. Configure the internal gatekeeper of Equinox Management to forward IP address- based calls from internal endpoints to external endpoints through Equinox H.323 Edge. The internal gatekeeper must forward the IP address-based calls from external endpoints through Equinox H.323 Edge because external endpoints are not registered to the internal gatekeeper.
If the enterprise deployment has multiple Equinox H.323 Edge instances, which includes several servers deployed as one server behind a load balancer, perform this procedure for each Equinox H.323 Edge instance. Before you begin • Get the IP address of the Equinox H.323 Edge internal NIC. If you are configuring multiple Avaya Equinox H.323 Edges, with or without a load balancer, do this for each Avaya Equinox H.323 Edge. • Get the Direct Public Access address of Equinox H.323 Edge. If you are configuring multiple Avaya Equinox H.323 Edges, with or without a load balancer, do this for each Avaya Equinox H.323 Edge. • Configure Direct Public Access on Equinox H.323 Edge for calls to external endpoints. Using Direct Public Access, internal endpoints can call external endpoints that do not support H. 460. If you are configuring multiple Avaya Equinox H.323 Edges, with or without a load balancer, do this for each Avaya Equinox H.323 Edge. • If the enterprise deployment has multiple Equinox H.323 Edge instances, verify that the correct redundancy policy is configured between the internal gatekeeper of Equinox Management and each Equinox H.323 Edge instance.
April 2018 Deploying Avaya Equinox Solution 308 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
The internal gatekeeper of Equinox Management has its own load balancing method to work with multiple Equinox H.323 Edge instances for outgoing calls from internal endpoints to external endpoints. By default, the internal gatekeeper is configured to the Scalability policy, which enables the internal gatekeeper to send requests to each Equinox H.323 Edge instance using the round robin method. You can set also configure the internal gatekeeper of Equinox Management to work with the Priority policy where the internal gatekeeper can establish the route of the call to the first Equinox H.323 Edge instance in the list and send the call to the next Equinox H.323 Edge instance if the first Equinox H.323 Edge instance fails. Contact Customer Support to configure the Equinox H.323 Edge redundancy policy. Note: The Equinox H.323 Edge redundancy policy configuration is different from the redundancy policy for the load balancer, which instructs it how to direct incoming traffic from the external network to the internal network.
Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. Equinox Management opens the Equinox H.323 Edge instance window. 3. On the Info tab, note the IP address and port number in Public Access Proxy Address. 4. Click Settings. 5. On the left pane, under System Preferences, click Local Services. Equinox Management displays the Local Services page. 6. Click H.323 Gatekeeper.
April 2018 Deploying Avaya Equinox Solution 309 Comments on this document? [email protected] Equinox H.323 Edge deployment
Equinox Management displays the internal H.323 gatekeeper page. 7. Click Route IP calls, and select Route IP calls to H.323 Edge Server. 8. Click Add. Equinox Management displays the Add IP Calls window. 9. Configure the following fields: • IP Address • Port The value of these fields must match the IP address and port number in Public Access Proxy Address on the Info tab of the Equinox H.323 Edge instance window. 10. Click OK. Result The internal gatekeeper of Equinox Management forwards all IP address-based calls from external endpoints through Equinox H.323 Edge. Related links Calls between internal and external endpoints on page 303
Secure connection with Equinox Management Creating security certificates About this task TLS certificates, issued by a trusted certification authority, contain the public encryption keys of Equinox H.323 Edge that are used over the network to ensure authentication and encryption of the network connection. Important: Using encryption is subject to local regulation. In some countries it is restricted or limited for usage. For more information, consult your local reseller. Procedure 1. Log in to Equinox Management. 2. Click Devices, and click the name of the Equinox H.323 Edge instance. Equinox Management displays the Equinox H.323 Edge instance window. 3. Click the Certificate tab. 4. Click Create. Equinox Management displays the Generate CSR window.
April 2018 Deploying Avaya Equinox Solution 310 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
5. Configure the following fields: • Common name • Organizational Unit • Organization • City • State • Country Code • Encryption Strategy • Signature Algorithm 6. Click Generate CSR. 7. Click Save to view the certificate. Equinox Management displays the certificate in the Download window. 8. Save the certificate. Equinox Management saves the certificate as a CSR file that is compatible with the Base-64 ASCII code. 9. Send the CSR file containing the certificate to the certification authority for signing. Select Web Server as the certificate template when you submit the certificate request. Result The certification authority will send back a signed certificate. Next steps Upload the certificates. Generate CSR field descriptions
Name Description Common Name The Equinox H.323 Edge FQDN. For a redundant deployment, the common name must be the public virtual FQDN. Country Code The standard country code that consists of two characters. For example, uk for United Kingdom or jp for Japan. This field is not case-sensitive. Encryption Strategy The code for the encryption strategy. The options are: • 1024 Table continues…
April 2018 Deploying Avaya Equinox Solution 311 Comments on this document? [email protected] Equinox H.323 Edge deployment
Name Description • 2048 • 4096 Signature Algorithm The algorithm to use when generating the signature on the certificate. This algorithm is a combination of the private keys of both the CA and the device. The options are: • SHA1withRSA • SHA256withRSA
Uploading security certificates About this task TLS certificates from the certification authority must be uploaded to Equinox H.323 Edge to ensure authentication and encryption of the network connection. If Equinox Management is configured as the certificate authority, Equinox Management automatically generates a self-signed certificate to upload to Equinox H.323 Edge when the connection between Equinox Management and Equinox H.323 Edge establishes. You can replace the Equinox Management self-signed certificate. Important: Using encryption is subject to local regulation. In some countries it is restricted or limited for usage. For more information, consult your local reseller. Before you begin Generate the certificates. Procedure 1. Log in to Equinox Management. 2. Click Devices, and click the name of the Equinox H.323 Edge instance. Equinox Management displays the Equinox H.323 Edge instance window. 3. Click the Certificate tab. 4. Click Upload. Equinox Management displays the Upload certificates window. 5. Click Add, and browse to the certificates. Repeat this step for all certificates. Equinox Management displays a confirmation message after each certificate is uploaded. 6. Click Apply All. Result Equinox Management uploads the security certificate to Equinox H.323 Edge.
April 2018 Deploying Avaya Equinox Solution 312 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
Next steps 1. Restart Equinox H.323 Edge. 2. Enable the secure connection between Equinox H.323 Edge and Equinox Management. Securing the connection with Equinox Management using TLS Before you begin Upload the security certificates. Procedure 1. Log in to Equinox Management. 2. Click Devices, and click the name of the Equinox H.323 Edge instance. Equinox Management displays the Equinox H.323 Edge instance window. 3. Click the Configuration tab. 4. Click Network Settings. 5. Select Secure Connection, Result The connection between Equinox H.323 Edge and Equinox Management is secured using TLS.
Adding and updating licenses About this task Update licenses when you increase the Equinox H.323 Edge capacity or increase the number of ports with a flexible license. If you upgrade Equinox H.323 Edge to a major version, you must have a new license. Before you begin • Download the Equinox H.323 Edge upgrade package at https://plds.avaya.com/. • Get the Equinox H.323 Edge System ID. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. Equinox Management displays the Equinox H.323 Edge instance page. 3. Click the Licensing tab. 4. In Update License Key, type the license key. 5. Click Apply.
April 2018 Deploying Avaya Equinox Solution 313 Comments on this document? [email protected] Equinox H.323 Edge deployment
Result Equinox Management activates the new Equinox H.323 Edge license.
Configuring remote access About this task Configure remote access to Equinox H.323 Edge. You can use these remote access logins to administer Equinox H.323 Edge using Equinox Management. Before you begin To enable a secure connection between Equinox H.323 Edge and Equinox Management, configure the security certificates in the Certificate tab. Procedure 1. Log in to Equinox Management. 2. Click Devices, and select the Equinox H.323 Edge instance. Equinox Management displays the Equinox H.323 Edge instance page. 3. Click the Access tab. 4. Configure the following settings: • Username: The user name of the administrator. • Password: The password of the administrator. 5. Click Apply.
Access field descriptions
Name Description Username The user name of the administrator. You can change the user name. Password The password of the administrator. The password must match the password configured for the administrator in Equinox H.323 Edge. You can change the password.
April 2018 Deploying Avaya Equinox Solution 314 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
Configuring QoS for audio and video About this task Quality of Service helps solve network performance issues by assigning relative priorities to the following packets: • Audio, which is one of the media sent during a call. For example, by assigning high priority to audio under poor network conditions with high packet loss, you determine that audio is the most important element of the videoconference to be maintained at the expense of better video quality. Audio is transmitted via the RTP and RTCP protocols in H.323 calls. Video, which includes shared data stream like a presentation, also known as dual video. Far end camera control (FECC) is another example of information carried on the data stream. Video is transmitted via the RTP and RTCP protocols in H.323 calls. Control, which includes signaling and media control. - Signaling messages include the authorization to make the call, checking bandwidth, resolving endpoint addresses, and routing the call through different servers. Signaling is transmitted via the H.225.0/Q.931 and H.225.0/RAS protocols in H.323 calls. Signaling occurs before the control aspect of call setup. - Control messages include checking compatibility between endpoints, negotiating video and audio codecs, and other parameters like resolution, bitrate and frame rate. Control is communicated via H.245 in H.323 endpoints. Control occurs within the framework of an established call, after signaling. During low-bandwidth conditions, Equinox Management uses these priority settings to adjust the quality of the meeting. Follow this procedure to determine the relative priorities for audio, video, and control transmitted via Equinox H.323 Edge. Procedure 1. Log in to Equinox Management. 2. Click Devices, and click the Equinox H.323 Edge instance. Equinox Management displays the Equinox H.323 Edge instance page. 3. Click Configuration > Advanced Parameters. Equinox Management displays the Advanced Parameters window. 4. Select Options of QoS Settings, and set the value to one of the following settings:
Field Description None Select this setting when the network has sufficient bandwidth for each stream (audio, video, and media control) and does not require any prioritization of the different streams. Table continues…
April 2018 Deploying Avaya Equinox Solution 315 Comments on this document? [email protected] Equinox H.323 Edge deployment
Field Description Default Select this setting to use the following default priority values for each stream: • 48 for the media Control stream. This highest priority ensures that calls are set up properly even if it means that other calls ongoing may reduce their video or audio during a call setup. All TCP connections use the QoS value set in this field. • 46 for the Audio stream. This priority ensures that audio is always given precedence over video. This audio applies to multiple video channels (e.g., sound stream for endpoint microphones and presentations). • 34 for the Video stream. The lowest default priority is given to video image quality. It applies to endpoint camera images and also covers data streams like far end camera control. Customized The QoS options to configure the relative priority of the audio, video, and control channels. Use the following advanced parameters to set the priority of the audio, video, and control channels. The valid value range is from 0 to 255: • QoS value for Audio Channel • QoS value for Video Channel • QoS value for Control Channel
Creating an Equinox H.323 Edge server Cluster About this task You can create a cluster of Equinox H.323 Edge servers. H.323 Edge server clusters enable you to increase your call volume. Equinox Management treats a cluster as if it is a single server, so if you have three servers in a cluster, the cluster can handle three times as many calls as a single H. 323 Edge server. Note: The built-in virtual machine clustering mechanism relies on a multicast MAC address to distribute the network traffic to all the virtual machines. Typically, network routers and firewalls deny multicast MAC addressing. You might need to update the router and firewall policy for the clustering mechanism to work. Before you begin Ensure that you have more than one H.323 Edge server configured in your deployment. Procedure 1. Access the Equinox Management administrator portal. 2. Select Devices > Devices by Type > Media & Signaling > H.323 Edge Servers.
April 2018 Deploying Avaya Equinox Solution 316 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
The H.323 Edge Servers page appears.
Figure 111: H.323 Edge Servers Page 3. Select Create a Cluster. The Create a Cluster dialog box appears:
Figure 112: Create a Cluster Dialog Box 4. Configure a Cluster Name and Public IP Address in the relevant fields, and select the check boxes of the servers you want to add to the cluster. 5. Select Apply. The cluster appears in the list on the H.323 Edge Servers page.
April 2018 Deploying Avaya Equinox Solution 317 Comments on this document? [email protected] Equinox H.323 Edge deployment
Figure 113: H.323 Edge Server Cluster
A cluster has one of the following statuses: • Green: Normal • Yellow: Alarm Note: If the cluster is deployed inside a private address DMZ, the cluster’s public IP address must be mapped to an actual global IP address. The global IP address must be configured to the public IP address in the NAT support section of the cluster’s H.323 Edge server. If the cluster is deployed in the public network, the cluster’s IP address does not need to be mapped and therefore can be set to the public IP address in the NAT support section of the cluster’s H.323 Edge server.
Viewing the Avaya Equinox H.323 Edge Server Usage Rate About this task After configuring an Equinox H.323 Edge server, you can view the number of used Equinox H.323 Edge ports relative to the total number of ports. You can determine the number of used and available ports, enabling you to determine whether a call was rejected due to a lack of resources. Before you begin Ensure that at least one Equinox H.323 Edge server is configured in your Equinox Management environment. Procedure 1. Access the Equinox Management administrator portal. 2. Select Devices > Devices by Type > H.323 Edge Servers. 3. On the Info tab, locate the Ongoing Calls/Maximum row. The number of ports that are in use displays next to the total number of available ports.
April 2018 Deploying Avaya Equinox Solution 318 Comments on this document? [email protected] Equinox H.323 Edge initial configuration
Figure 114: Equinox H.323 Edge Usage Rate
April 2018 Deploying Avaya Equinox Solution 319 Comments on this document? [email protected] Chapter 15: Avaya Equinox Streaming and Recording deployment
Introducing Avaya Equinox Streaming and Recording
Avaya Equinox Streaming and Recording Server For the streaming and recording of conferences, Avaya has developed the Avaya Equinox Streaming and Recording Server (Equinox Streaming and Recording). Equinox Streaming and Recording is the Avaya next generation HD streaming and recording platform. Before you install Equinox Streaming and Recording, you must make a number of decisions in order to ensure that the solution exactly matches the requirements of your deployment. For example, you must make a decision about scalability in accordance with the size of your enterprise. For a small enterprise, you can choose a single appliance which houses all of the Equinox Streaming and Recording components. For a large enterprise, you can choose a distributed solution with multiple media nodes. Equinox Streaming and Recording is highly flexible and easily adaptable, whatever your requirements. In addition, you must decide if you require a high degree of redundancy1 and whether you would like to enable external access and storage in the ‘cloud’. In both the Over The Top (OTT) and Team Engagement (TE) solutions, Equinox Streaming and Recording is optional, however if you want to record and playback videoconferences, you must install it. If you would like users outside of the enterprise to access recordings, you can deploy Equinox Streaming and Recording in a Demilitarized Zone (DMZ) or use a reverse proxy server. In this way, the Equinox Streaming and Recording is similar to the Avaya Scopia® Web Collaboration server (WCS). If you would like users outside of the enterprise to access the videoconference, you must deploy the WCS in a DMZ or use a reverse proxy server. Equinox Streaming and Recording and WCS also support a Network Address Translation NAT Firewall configuration in a DMZ deployment. NAT Firewall is an additional layer of security. It blocks unrequested inbound traffic. Components The Avaya Equinox Streaming and Recording Server consists of the following components: • Equinox Streaming and Recording Conference Point™ (CP) • Equinox Streaming and Recording Delivery Node™ (DN)
1 High Availability is not supported for the Manager in this release. High Availability is not supported for All-in-one servers.
April 2018 Deploying Avaya Equinox Solution 320 Comments on this document? [email protected] Introducing Avaya Equinox Streaming and Recording
• Equinox Streaming and Recording Virtual Delivery Node™ (VDN) • Equinox Streaming and Recording Manager™ • Equinox Recording Gateway™ Equinox Streaming and Recording Conference Point™ You must configure a conference point to capture H.323 video content and deliver live and on demand webcasting. The Equinox Streaming and Recording conference point includes an embedded transcoder to convert H.323 calls into Windows Media or .MP4 format. Each conference point must be associated with a delivery node. A delivery node streams and optionally archives the content captured by the conference point and delivers it to client systems. You can configure a conference point to be in a geographic location. This means that you can assign a location to one or more conference points which coincide with locations set for Scopia Elite MCUs and/or Equinox Media Servers in Equinox Management. When a program starts, Equinox Management includes the desired location, and a conference point close to the MCU/ Media Server can be selected. If there are no conference points matching the location passed by Equinox Management, then any conference points without a location are treated as a single pool of conference points, and one of those is selected. If there are no conference points available, the call fails. Each conference point has a limit to the number of simultaneous high definition or standard definition calls it can handle. The CP includes the following features: • Video conferencing H.323 capture and transcoding • High definition support • Scalability for up to 40 480p, or up to 60 360p recordings, or up to 75 audio-only recordings • Scalability for up to 10 1080p recordings, or for up to 20 720p recordings • G.711 and AAC-LC audio capture and transcoding • H.263, H.263+, H.264 capture and transcoding The media node or all-in-one server can include the CP and transcoder components. The H.323 video and audio and the optional H.239 stream received by the CP are sent to the internal encoder for transcoding into Windows Media™ format or H.264/AAC MP4/MPEGTS/HLS formats. • Operating Systems: The transcoder runs on the Windows Server 2012 R2 64-bit operating system with Hyper-V (an add-on to Windows Server 2012 that allows a Linux operating system to run on the same server). The CP runs on the CentOS 6.6 64-bit operating system. Using virtualization software, this enables both applications to run two different operating systems on the same server. • Licensing: The server requires a single media node license for the CP. The license defines the number of simultaneous H.323 connections. An H.323 connection includes audio, video, and an optional H.239 secondary stream. • Transcoding H.323 audio and Video: The CP connects H.323 calls to the Scopia Elite MCUs (Multipoint Control Units) and/or Equinox Media Servers. When it establishes a video connection, the CP sends the audio and video data from the MCU/Media Server to the internal transcoder. The transcoder converts the data into a format that is suitable for streaming.
April 2018 Deploying Avaya Equinox Solution 321 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
• Transcoding with H.239: H.239 is an ITU recommendation that allows for establishment of multiple channels within a single H.323 session. Existing videoconference equipment can be used to stream audio and video and a secondary channel can stream a slide presentation or another data stream to the viewers of a program. This function is typically used to stream slide presentations synchronized with live audio and video. If a program uses a secondary H. 239 channel, the encoder inputs the second stream, decodes, scales and mixes it with the main video input for transcoding/streaming. The streams are then sent to the DN for delivery to the distribution network. The dual stream can also be recorded as a single MP4 program. • High definition support: The CP supports high definition video and higher rate streaming quality and bandwidth. The CP supports the following ITU recommendations: - H.261 up to CIF Video - H.262 up to CIF video - H.263 up to CIF video - H.264 up to 1080p video - H.263+ up to 1024 x 768 H.239 data - H.264 up to 1080p H.239 data - G.711 audio - AAC-LC audio The CP negotiates up to H.264 Level 3.2 video at 1.92 Mbps, and accepts up to 1080p and down to H.261 QCIF along with G.711 or AAC-LC audio. The streaming resolution and bandwidth rate depend on what you select for the bitrate when creating the program and what the Scopia Elite MCU and/or Equinox Media Server negotiates. Equinox Streaming and Recording Delivery Node™ The DN provides on-demand and broadcast video delivery. Used alone or in a hierarchy of devices, the DN supports thousands of concurrent streams. The DN uses intelligent routing, content caching, and inherent redundancy to ensure transparent delivery of high-quality video. Delivery nodes (DN) store all content that is created by the conference point and deliver the content to client systems at playback time. You must associate the conference point with the delivery nodes. A source DN is the original DN that receives a recording file from its associated conference point. A source DN sends the recording file to all of the other DNs in the network. The Delivery Node Details dialog displays a list of recording files, known as Source Programs and Distributed Programs. Source programs are programs (recording files) for which this delivery node is the main source for storage. Distributed programs are programs which other delivery nodes have forwarded to this delivery node. Equinox Streaming and Recording Virtual Delivery Node™ (VDN) A virtual delivery node (VDN) delivers content to a global content delivery network (CDN) provider for cloud-based viewer playback. The appliance and the network of the CDN act as one delivery mechanism. Therefore, the VDN appliance and the CDN together create the Equinox Streaming and Recording VDN solution. Upon program creation, the publisher includes the options of distributing the program to delivery nodes and to the Equinox Streaming and Recording VDN solution. VDN supports publishing recordings as well as live broadcast.
April 2018 Deploying Avaya Equinox Solution 322 Comments on this document? [email protected] Introducing Avaya Equinox Streaming and Recording
You can view the programs distributed to the VDN appliance and to be delivered to the CDN with the associated status of the program. Equinox Streaming and Recording currently only supports the Highwinds Cloud CDN. Equinox Streaming and Recording Manager™ The Equinox Streaming and Recording Manager provides a web-based interface to configure and manage streaming and recording software, devices, services, and users. The Equinox Streaming and Recording Manager application resides on a single hardware platform and provides access to all content in the Equinox Streaming and Recording environment. There are two Equinox Streaming and Recording Manager portals: • Equinox Streaming and Recording Manager Administrator Portal: Administrators use this portal to perform the following tasks: - Configure and manage video communications devices - Manipulate content - Monitor user roles - Create and set global policies - Identify best practices and usage effectiveness through comprehensive reporting - Allow access to the VDN for CDN deployment or programs - Manage organizations, in a multi-tenant deployment (including what profiles, categories and CDN settings they can access) - Create and manage viewer mappings to associate viewers with the appropriate distribution node location • Avaya Equinox Unified Portal: Viewers select the Recordings and Events tab on the main Avaya Equinox Unified Portal page to access the viewer portal. Users can select the Schedule tab to schedule an event. Users can perform the following tasks in relation to recordings: - View programs - Navigate categories - View live or on-demand programs Avaya Equinox Recording Gateway™ You can configure Equinox Streaming and Recording to record: • Audio-only conferences • Audio and web collaboration conferences • Multi-Stream Switching Video, audio, and web collaboration conferences Audio-only and audio and web collaboration conferences use SIP. Video, audio, and web collaboration conferences use H.323. In order to support this mix of protocols, you must deploy an Avaya Equinox Recording Gateway. You can deploy the Equinox Recording Gateway using the Avaya Equinox Management interface. The Equinox Recording Gateway is similar to an Avaya Equinox Media Server but does not accept regular client connections and is only used for recording purposes. When you add the media server (MCU) configured for high scale audio, you get two additional meeting types - Audio Service and Audio Service with Web Collaboration. Each
April 2018 Deploying Avaya Equinox Solution 323 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
meeting type is also matched to a particular rate of encoding and screen resolution. This means that recordings do not use unnecessary resources and disk space if they are not required by the meeting type. When a user records a conference, Equinox Management identifies the type of recording that is required by the user. It routes the media to the appropriate gateway, if one is required. Equinox Management also determines the most appropriate capture rate, resolution, frame rate, and encode rate for the Equinox Streaming and Recording Conference Point. The Equinox Recording Gateway does not require a separate license. When you buy a media node, you receive an Equinox Recording Gateway as well. For more information on adding the gateway to Equinox Management and for information on configuring the meeting types, see Administering Avaya Equinox Management, which is available on support.avaya.com. Related links Example of a direct DMZ deployment on page 324 Example of a reverse proxy deployment on page 325 Example of a distributed deployment on page 326 Example of a cloud deployment on page 329 System requirements on page 329 Example of a direct DMZ deployment Figure 115: Example of a Direct DMZ Deployment on page 325 displays an example of a Equinox Streaming and Recording deployment that is situated directly in the demilitarized zone (DMZ). The deployment is a centralized or all-in-one solution, which means that all of the Equinox Streaming and Recording components reside on a single server. An all-in-one solution is suitable for a small or medium deployment that does not require redundancy. In a typical small deployment, all of the Equinox Streaming and Recording components reside on a single server. The Equinox Streaming and Recording Manager and the transcoder run directly on the host server. The conference point (CP), delivery node (DN), and, optionally, a virtual delivery node (VDN) run as virtual servers. VDNs enable enterprises to host recordings in the cloud.
April 2018 Deploying Avaya Equinox Solution 324 Comments on this document? [email protected] Introducing Avaya Equinox Streaming and Recording
Figure 115: Example of a Direct DMZ Deployment
Figure 116: Components in an All-In-One Deployment with Virtual Software Related links Avaya Equinox Streaming and Recording Server on page 320 Example of a reverse proxy deployment Figure 117: Example of a Reverse Proxy Deployment on page 326 displays an example of a Equinox Streaming and Recording deployment that includes a reverse proxy server. The deployment is a centralized or all-in-one solution.
April 2018 Deploying Avaya Equinox Solution 325 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Figure 117: Example of a Reverse Proxy Deployment
Related links Avaya Equinox Streaming and Recording Server on page 320 Example of a distributed deployment Figure 118: Example of a Distributed Deployment on page 327 displays an example of a distributed Equinox Streaming and Recording deployment. The deployment also uses a reverse proxy server. In this example, there are several delivery nodes (DNs) and/or conference points (CPs). This configuration enables Equinox Streaming and Recording to host large numbers of recordings. A configuration with multiple media nodes can also provide redundancy. In a typical distributed deployment, the Equinox Streaming and Recording Manager resides on a separate, dedicated server. The various media nodes can operate as CPs, DNs, or virtual delivery nodes (VDNs). VDNs enable enterprises to host recordings in the cloud.
April 2018 Deploying Avaya Equinox Solution 326 Comments on this document? [email protected] Introducing Avaya Equinox Streaming and Recording
Figure 118: Example of a Distributed Deployment
Related links Avaya Equinox Streaming and Recording Server on page 320 Deployment choices for centralized and distributed solutions on page 327
Deployment choices for centralized and distributed solutions The Equinox Streaming and Recording server performs three functions: • Content recording • Content delivery • Content management Content delivery, in this context, refers to streaming. When you run the configuration utility (or wizard), you choose between three deployment options for the Avaya Equinox Streaming and Recording Server (Equinox Streaming and Recording). You can choose to house all three functions on a single server. Alternatively, you can choose to house the management function on one server and the recording and delivery functions on another server or servers. This configuration involving multiple servers is called a distributed system. If you intend to house all three functions on a single server, you must run the configuration utility on that server. On the selection screen, you must choose All-in-One..
April 2018 Deploying Avaya Equinox Solution 327 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Note: Avaya does not support the expansion of an All-in-One system to a Distributed System. You must carefully plan your deployment in view of your future capacity needs. If it is likely that your recording needs will go beyond the capacity of an All-in-One system in the future, Avaya recommends that you start with a small Distributed System (one standalone Manager and one Media Node) from day one. You can then add more Media Nodes to the system as needed. If you intend to install a distributed system, you must run the configuration utility on each server in the system. On the selection screen, you must choose whether the server will house the content management or the recording and delivery functions. Related links Example of a distributed deployment on page 326 All-in-one on page 328 Content Management components only on page 328 Media Node only on page 328
All-in-one If your Equinox Streaming and Recording deployment is an all-in-one system, all Equinox Streaming and Recording components reside on a single server. Related links Deployment choices for centralized and distributed solutions on page 327
Content Management components only If your Equinox Streaming and Recording deployment is a distributed system, the Equinox Streaming and Recording components reside on multiple servers. You must install the content management components on one server and install the recording and delivery components on another server or servers. For a distributed system, you must run the Equinox Streaming and Recording Configuration Utility on each of the servers. When you are running the configuration utility on the server which will act as the content management server, you must select Content management components only on the Select Configuration dialog of the configuration wizard. Related links Deployment choices for centralized and distributed solutions on page 327
Media Node only If your Equinox Streaming and Recording deployment is a distributed system, the Equinox Streaming and Recording components reside on multiple servers. You must install the content management components on one server and install the recording and delivery components on another server or servers. For a distributed system, you must run the Equinox Streaming and Recording Configuration Utility on each of the servers. You can install the recording component on one server and the delivery component on another server. Alternatively, you can install both aspects on a single server. In this
April 2018 Deploying Avaya Equinox Solution 328 Comments on this document? [email protected] Introducing Avaya Equinox Streaming and Recording
distributed configuration, these servers act as media nodes. When you are running the configuration utility on a server which will act a media node, you must select Media Node only on the Select Configuration dialog of the configuration wizard. A media node that is used for the recording component is called a Conference Point (CP). A media node that is used for the delivery component is called a Delivery Node (DN). Related links Deployment choices for centralized and distributed solutions on page 327 Example of a cloud deployment Example of a cloud deployment on page 329 displays an example of a Equinox Streaming and Recording deployment that hosts recordings in the cloud. The deployment is a centralized or all-in- one solution that uses a reverse proxy server. A cloud deployment uses a virtual delivery node (VDN) to host recordings remotely.
Figure 119: Example of a Cloud Deployment Related links Avaya Equinox Streaming and Recording Server on page 320 System requirements Before you log on to Equinox Streaming and Recording Manager user pages (in other words, Avaya Equinox Unified Portal), your client system must meet the system requirements listed in Table 54: Requirements on page 330.
April 2018 Deploying Avaya Equinox Solution 329 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Table 54: Requirements
Component Requirement Web browser • Microsoft Internet Explorer 11.0™ or later • Microsoft Edge™ N-1 or later • Mozilla Firefox™ N-1 or later (Mac or Windows) • Chrome™ N-1 or later (Mac, Windows, or Android) • Safari™ N-2 or later (Mac, iOS) JavaScript must be enabled. Operating system • Mac OS X 10.7 (Lion) or later • Windows™ 7 (32 and 64 Bit) • Windows™ 8 • Windows™ 8.1 • Windows™ 10 • iOS N-1 or later • Android 4.0.3. or later Media Player Microsoft Windows Media Player™ Release 9.0, 10.0, or 11.0 to view programs. Silverlight Microsoft Silverlight™ player to view programs. HTMLV5 Browsers A select number of browsers support video playback directly for MP4 VoD files including: • Internet Explorer 9, 10, 11 • Safari 6™ or later • Chrome 30™ or later • Microsoft Edge™ IOS Tablet and Phones, Android Tablets and Playback function for MP4 VoD files Phones, Windows Phones/Tablets
Note: To support non-Western language character sets, install the particular language pack on the client system from which you are accessing the Equinox Streaming and Recording Manager. Refer to the operating system documentation for your system. For the browsers and operating system combinations listed in Table 55: Flash Not Required on page 331, users can play recordings without the requirement of the Adobe Flash Plugin.
April 2018 Deploying Avaya Equinox Solution 330 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Table 55: Flash Not Required
Desktop Desktop Browser Operating System Browser version Google Chrome 34+ All Equinox Streaming and Recording Supportive Desktop OS (Win 7, Win 8, Win 8.1, Win 10+, MAC) Mozilla Firefox 42+ All Equinox Streaming and Recording Supportive Desktop OS (Win 7, Win 8, Win 8.1, Win 10+, MAC) Microsoft 11+ Windows 8.1+ Internet Explorer Apple Safari 6.0+ MAC OS X 10.6+ Microsoft Edge All Windows 10
Related links Avaya Equinox Streaming and Recording Server on page 320
Installing Avaya Equinox Streaming and Recording
Installation checklist Follow the steps in this checklist to install the Avaya Equinox Streaming and Recording Server (Equinox Streaming and Recording). Tip: It is a good idea to print out this checklist and to mark each task as you complete it.
No. Task Description Notes
1 Learn more about the new Avaya Equinox Streaming and streaming and recording Recording Server on page 320 server and figure out your deployment type. 2 • Connect the LAN cables, • Physically connecting the new keyboard, mouse, and server on page 333 monitor for your new server. • For more information about • Alternatively, you can obtaining and installing the purchase a Microsoft™ Equinox Streaming and Windows Image (WIM) and Recording WIM, see the install Equinox Streaming Equinox Streaming and and Recording on your own Recording Disaster Recovery server. Table continues…
April 2018 Deploying Avaya Equinox Solution 331 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
No. Task Description Notes
Guide, which is available from support.avaya.com. 3 Start up the server. Starting the new server on You require the Microsoft page 337 Windows product key. 4 Configure the server using the Configuring the new server on Avaya Equinox Streaming and page 338 Recording Server Configuration Wizard. 5 Set the IP addresses and Licensing the new server on apply the licenses. page 341 6 Configure the network that Configuring external addresses Before registering each device will use to for public interfaces on page 351 devices, you may want to communicate with the Equinox set which network each Streaming and Recording device uses to Manager. communicate with the Equinox Streaming and Recording Manager. This forces the proper communication path to and from the Equinox Streaming and Recording Manager no matter which IP the Equinox Streaming and Recording Manager uses to communicate with the Equinox Streaming and Recording device. 7 Register each of the Registering each of the components with the main components on page 353 server. 8 On the delivery node (DN), Configuring delivery nodes on configure the parent delivery page 355 node. 9 On the conference point (CP), Configuring conference configure the gatekeeper IP points on page 363 and source DN. 10 On Equinox Streaming and Specifying polling intervals and Recording, configure the the network address on network address for device page 365 communication. 11 Register Equinox Streaming Adding and Modifying Equinox and Recording with Equinox Streaming and Recording Management. Servers in Equinox Management on page 367 Table continues…
April 2018 Deploying Avaya Equinox Solution 332 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
No. Task Description Notes
12 Configure the Avaya Equinox Configuring the Avaya Equinox Recording Gateway. Recording Gateway on page 368
Physically connecting the new server Before you begin You require a keyboard, a mouse, and a monitor. You also require several IP addresses and up to six category 5e LAN cables. Ensure that you received the following items with your Avaya Equinox Streaming and Recording Server (Equinox Streaming and Recording): • Power cords • Rack mount kit Procedure 1. Connect the keyboard, mouse, and monitor. 2. Connect the LAN cable(s). All of the Avaya Equinox Streaming and Recording Server NICs are 1GBit bonded. Connect to at least one. They all respond with a single IP address. 3. Connect the power cable. 4. Power up the unit. Next steps Return to the Installation checklist on page 331 to see your next task. Related links Front view of Dell PowerEdge R630 Server on page 334 Back view of Dell PowerEdge R630 Server on page 335
April 2018 Deploying Avaya Equinox Solution 333 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Front view of Dell™ PowerEdge™ R630 Server
No. Item Icon Description 1 Power-On Indicator, The power-on indicator lights when the system power is on. The power Power Button button controls the power supply output to the system.
Note: On ACPI-compliant operating systems, turning off the system using the power button causes the system to perform a graceful shutdown before power to the system is turned off. 2 NMI Button Used to troubleshoot software and device driver errors when running certain operating systems. This button can be pressed using the end of a paper clip. Use this button only if directed to do so by qualified support personnel or by the operating system documentation. 3 System The identification buttons on the front and back panels can be used to Identification Button locate a particular system within a rack. When one of these buttons is pressed, the LCD panel on the front and the system status indicator on the back flashes blue until one of the buttons are pressed again. Press to toggle the system ID on and off. If the system stops responding during POST, press and hold the system ID button for more than five seconds to enter BIOS progress mode. To reset the iDRAC (if not disabled in F2 iDRAC setup) press and hold the button for more than 15 seconds. 4 USB Connectors Allows you to insert USB devices to the system. The ports are USB 2.0- (2) compliant. 5 Optical Drive One DVD+/-RW drive.
Note: DVD devices are data only. Table continues…
April 2018 Deploying Avaya Equinox Solution 334 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
No. Item Icon Description 6 vFlash Media Card Not used in Avaya configurations. Slot 7 LCD Menu Buttons Allows you to navigate the control panel LCD menu. 8 Information Tag A slide-out label panel, which allows you to record system information, such as Service Tag, NIC, MAC address. 9 LCD Panel Displays system ID, status information, and system error messages. The LCD lights blue during normal system operation. When the system needs attention, the LCD lights amber and the LCD panel displays an error code followed by descriptive text.
Note: If the system is connected to AC power and an error is detected, the LCD lights amber regardless of whether the system is turned on or off. 10 Video Connector Allows you to connect a VGA display to the system.
11 Hard Drives Support for up to eight 2.5 inch hot-swappable hard drives.* * The first 2 HDDs are placed in the slots under the DVD Drive and read left to right, the remaining HDDs read top to bottom, left to right. 12 Quick Sync Not used in Avaya configurations.
More information can be found in the Front-panel features and indicators section of the Dell Owner’s Manual. Related links Physically connecting the new server on page 333 Back view of Dell™ PowerEdge™ R630 Server
April 2018 Deploying Avaya Equinox Solution 335 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
No. Item Icon Description 1 System The identification buttons on the front and back panels can be used to Identification Button locate a particular system within a rack. When one of these buttons is pressed, the LCD panel on the front and the system status indicator on the back blink until one of the buttons are pressed again. Press to toggle the system ID on and off. If the system stops responding during POST, press and hold the system ID button for more than five seconds to enter BIOS progress mode. If you are directed by services to reset the iDRAC port, press and hold the button for more than 15 seconds. 2 System Allows you to connect the optional system status indicator assembly Identification through the optional cable management arm. Connector 3 iDRAC8 Enterprise Dedicated management port. Port Note: The port is available for iDRAC8 Express features only. Avaya systems do not come with an Enterprise license. (Not normally used in Avaya systems.) 4 PCIe Expansion Allows you to connect a low profile PCIe expansion card. Card Slot 1 (riser 2) Note: If your server is equipped with 6 or 8 NIC ports this slot can contain two port 10/100/1000 Mbps NIC connectors or two 100 Mbps/1Gbps/10 Gbps SFP + connectors, 2 CPUs must be installed for this slot to be available for use. 5 Serial Connector Allows you to connect a serial device to the system.
6 Video Connector Allows you to connect a VGA display to the system.
7 USB Connectors Allows you to connect USB devices to the system. The ports are USB (2) 3.0-compliant. 8 PCIe Expansion Allows you to connect a full-height half-length PCIe expansion card. Card Slot 2 (riser 3) Note: If your server is equipped with 6 or 8 NIC ports this slot can contain two port 10/100/1000 Mbps NIC connectors or two 100 Mbps/1Gbps/10 Gbps SFP + connectors. 9 Ethernet Four integrated 10/100/1000 Mbps NIC connectors (Avaya Standard). Connectors (4) Note: NIC port numbers are read from left to right, starting with Port 1, then continuing to Ports 2, 3, and 4. 10 Power Supply Wattage and voltage type depends on configuration. (PSU1) Table continues…
April 2018 Deploying Avaya Equinox Solution 336 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
No. Item Icon Description 11 Power Supply Wattage and voltage type depends on configuration. (PSU2)
More information can be found in the Back-panel features and indicators section of the Dell Owner’s Manual. Related links Physically connecting the new server on page 333
Initially configuring the new server If you have the Avaya-provided server (The Avaya Common Server), it includes a pre-licensed copy of Windows Server 2012 R2. If you are deploying the software image (WIM) on a 3rd party server then you need to purchase a separate “Windows Server 2012 R2 Embedded Telco edition” license (or greater license edition such as a non-embedded standard version if desired) prior to installation. The software image includes Windows Server 2012 R2 and you are required to provide a license key during the initial configuration. Procedure 1. Start up the server. 2. Press Ctrl+Alt+Delete to log in. 3. Choose C to configure the network settings. You can configure the network addresses statically or dynamically. Avaya recommends using statically assigned IP addresses, as the IP address needs to remain constant. If you do choose to use dynamically assigned IP addresses, your network must be DHCP- enabled. 4. Choose S for statically assigned IP addresses or D for dynamically assigned IP addresses. If you choose D, the setup tries to obtain an address. If you choose S, you are prompted to enter the IP address. 5. Enter your subnet mask by choosing an appropriate prefix length. 6. Enter the gateway address. You must enter a valid gateway address that fits within the IP and subnet mask that you previously entered. The system provides a valid range of IPs that you can use for the gateway. You must pick one of these IP addresses. 7. Enter your primary DNS Server IP. This is a mandatory step. 8. (Optional) Enter a secondary DNS IP or press Enter if you want to skip this step. 9. (Optional) Enter a DNS suffix.
April 2018 Deploying Avaya Equinox Solution 337 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
You should enter a DNS suffix for FQDN/SSL configurations. 10. Enter the server host name, or press Enter to use the default generated hostname. You should enter a hostname for FQDN/SSL configurations. You are then prompted to enter a new password. 11. At the You must choose a new Administrator password. Enter new Administrator password: prompt, type a new password. 12. At the Reenter new Administrator password to confirm: prompt, re-type your new password. 13. Confirm the configuration and select Y if it is correct, or N if you would like to reenter the data. When you enter Y, the server reboots. 14. When the server starts up again, press Ctrl+Alt+Delete to log in. 15. (Optional) Synchronize the time on the new server with the time on your NTP server. a. Click on the time and date in the task bar. b. Click (Change date and time settings...). c. On the Date and Time tab, perform the following actions: • Set the correct date and time using the Change date and time button. • Set the correct timezone using the Change timezone button. d. On the Internet Time tab, click Change settings... and perform the following actions: • Ensure that Synchronize with an Internet time server is selected. • Enter the NTP server in the Server list. • Click OK. 16. Click OK. Next steps Return to the Installation checklist on page 331 to see your next task.
Configuring the new server The Avaya Equinox Streaming and Recording Server Configuration Utility launches automatically when the operating system is loaded for the first time. You can also run the configuration utility at any time from the Start menu or from the desktop shortcut. If you previously installed a Delivery Node (DN), either as part of an all-in-one deployment or on its own, you can add or remove a Virtual Delivery Node (VDN) or an external storage device called a storage area network (SAN), without disrupting the server configuration. If you have not previously installed a DN, the configuration utility erases any previous configurations on the Equinox Streaming and Recording server.
April 2018 Deploying Avaya Equinox Solution 338 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
About this task Ths task describes how to configure Equinox Streaming and Recording in an enterprise deployment. If yours is a service provider deployment, the steps vary slightly. Procedure 1. On the Choose Setup Language dialog, select your preferred language. 2. On the next screen, click Next. The first time you run the configuration utility, a Welcome screen is displayed. If you have not configured a delivery node (DN) and you run the configuration utility again, a Warning screen is displayed because you may be about to perform a harmful action. If you have configured a DN and you run the configuration utility again, you can add or remove a virtual delivery node (VDN) or an external storage device without disturbing the server configuration. 3. On the End-User License Agreement screen, select I accept the terms of the License Agreement to accept the license agreement. 4. Click Next. 5. On the Select Configuration screen, select your deployment type. For more information, see Deployment types on page 327.
Figure 120: Select Configuration 6. On the Deployment Type screen, perform one of the following actions: • If you have selected All-in-One on the Select Configuration screen, select Enterprise deployment or Multi-tenant to match your Equinox Management deployment.
April 2018 Deploying Avaya Equinox Solution 339 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Figure 121: Deployment Type • If you have selected Content management components only on the Select Configuration screen, select Enterprise deployment or Multi-tenant to match your Equinox Management deployment. The screen is similar to Figure 121: Deployment Type on page 340. • If you have selected Media Node only on the Select Configuration screen, select whether you want to install the recording and delivery (streaming) components, the recording components, or the delivery components by selecting Configure content recording and streaming components, Configure content recording components only, or Configure content streaming components only.
Figure 122: Deployment Type 7. Click Next. 8. (Optional) At this point, you can choose to install a Virtual Delivery Node (VDN). 9. (Optional) At this point, you can choose to install a SAN. 10. Click Next to skip the optional screens. 11. On the Finish Configuration screen, click Finish. The Equinox Streaming and Recording Configuration Utility installs the Equinox Streaming and Recording components.
April 2018 Deploying Avaya Equinox Solution 340 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
12. On the Complete Configuration screen, click View Addresses to display the MAC addresses of the Equinox Streaming and Recording server. You require these MAC addresses in order to license the Equinox Streaming and Recording server. The MAC addresses are also stored in C:\assrconfigtool \MAC_Addresses.txt. 13. Make note of the MAC addresses. This information is required when you access the Avaya PLDS system to obtain a license key. Next steps Return to the Installation checklist on page 331 to see your next task.
Licensing checklist Follow the steps in this checklist to license the Avaya Equinox Streaming and Recording Server (Equinox Streaming and Recording).
No. Task Description Notes
1 Set the IP address of each of Setting the IP address of the the remaining components. recording component (Conference Point) on page 342 You have already set the IP address of the Equinox Setting the IP address of the Streaming and Recording delivery component (Delivery Manager. Node) on page 345 2 Restart services. Restarting services on page 345 3 Apply the license to each of the Applying the license to the You must apply components. management component on the license to page 346 all components. Applying the license to the recording component (Conference Point) on page 346 Applying the license to the delivery component (Delivery Node) on page 347 4 Verify license information. Viewing license information on page 348
Related links Setting the IP address of the recording component (Conference Point) on page 342 Setting the IP address of the delivery component (Delivery Node) on page 345 Restarting services on page 345 Applying the license to the management component on page 346
April 2018 Deploying Avaya Equinox Solution 341 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Applying the license to the recording component (Conference Point) on page 346 Applying the license to the delivery component (Delivery Node or Virtual Delivery Node) on page 347 Viewing license information on page 348 Setting the IP address of the recording component (Conference Point) The recording component is known as the conference point or CP. About this task You should set an IPv4 address. Before you begin Obtain the Avaya Equinox Streaming and Recording Server license keys from the Avaya Product Licensing and Delivery System (PLDS). Procedure 1. Double-click on the Hyper-V Manager shortcut on the desktop. 2. In the Virtual Machines panel, double-click on the CP entry.
Figure 123: Hyper-V Manager 3. Log in to the Conference Point (CP) on the console as admin. The default password is admin. If this is the first time that you have logged into the CP, you are prompted to change your password.
April 2018 Deploying Avaya Equinox Solution 342 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
4. (Optional) If you are using DHCP, retrieve your IP address and make a note of it. a. Run ifconfig. b. Look at inet addr for eth0.
Figure 124: Retrieving the IP Address 5. Type network to open the configuration screens. 6. On the Terminal window, highlight Device configuration and press Enter.
April 2018 Deploying Avaya Equinox Solution 343 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Figure 125: Device Configuration 7. On the Select A Device window, highlight eth0 and press Enter. 8. Use the Tab key to highlight Use DHCP and press the Spacebar key to disable DHCP. 9. Use the Tab key to navigate to the other fields and enter the following details: • Static IP • Netmask • Default gateway IP • Primary DNS Server • Secondary DNS Server
April 2018 Deploying Avaya Equinox Solution 344 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Figure 126: Network Configuration 10. Use the Tab key to highlight Ok and press Enter. 11. On the Select A Device window, use the Tab key to highlight Save and press Enter. 12. On the Select Action window, use the Tab key to highlight Save and press Enter. 13. In the terminal window, type service network restart to restart network services. Next steps Return to the Licensing checklist on page 341 to see your next task. Related links Licensing checklist on page 341 Setting the IP address of the delivery component (Delivery Node) A Delivery Node (DN) can be a Virtual Delivery Node (VDN). You should only use a VDN if you subscribe to the Highwinds Content Delivery Network (CDN). CDN is a cloud-based streaming system. The delivery component is also called streaming. Procedure Use the same set of steps that you used for Setting the IP address of the recording component (Conference Point) on page 342. Next steps Return to the Licensing checklist on page 341 to see your next task. Related links Licensing checklist on page 341 Restarting services About this task The services that you must restart are: • Apache Tomcat • Apache 2.4
April 2018 Deploying Avaya Equinox Solution 345 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
• Avaya Equinox Streaming and Recording Server Transcoder Procedure 1. Double-click on the Services icon on the desktop. 2. On the Services screen, right-click Apache Tomcat 7.0 Tomcat7 and select Restart from the menu options. 3. Right-click Apache2.4 and select Restart from the menu options. 4. Right-click Avaya Equinox Streaming & Recording Transcoder and select Restart from the menu options. Next steps Return to the Licensing checklist on page 341 to see your next task. Related links Licensing checklist on page 341 Applying the license to the management component Procedure 1. Type https://
April 2018 Deploying Avaya Equinox Solution 346 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Figure 127: Conference Point Next steps Return to the Licensing checklist on page 341 to see your next task. Related links Licensing checklist on page 341 Applying the license to the delivery component (Delivery Node or Virtual Delivery Node) There can only be a single virtual delivery node (VDN) in a deployment. Procedure 1. Open a browser and type the delivery node (DN) or virtual delivery node (VDN) IP address or fully qualified domain name (FQDN). 2. On the Delivery Node license screen, enter the license key in the License Key field and click Submit. 3. Select the type of delivery node. The available options are: • DN (Delivery Node) • VDN (Virtual Delivery Node)
April 2018 Deploying Avaya Equinox Solution 347 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Figure 128: Delivery Node 4. Click Submit. The DN or VDN is ready for use. The login screen is displayed. Next steps Return to the Installation checklist on page 331 to see your next task. Related links Licensing checklist on page 341 Viewing license information You can view license information for the management component, the delivery component (Delivery Node), and the recording component (Conference Point). Related links Licensing checklist on page 341 Viewing license information for the management component on page 348 Viewing license information for the conference point on page 349 Viewing license information for the delivery node on page 350
Viewing license information for the management component Procedure 1. Log in to Equinox Streaming and Recording. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: admin
April 2018 Deploying Avaya Equinox Solution 348 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
• Password: admin 2. Select the Devices tab. 3. View the license information for the management component in the License Information panel. Note: If you have a demonstration license, you can view the expiration date. Related links Viewing license information on page 348
Viewing license information for the conference point The recording component is called a conference point or CP. Procedure 1. Log in to Equinox Streaming and Recording. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: admin • Password: admin 2. Select the Devices tab. 3. From the Browse menu on the left, click Conference Points. 4. On the Conference Points page, view the License Status column to see the status of the license. 5. Follow the remaining steps if you require more detailed license information. 6. Click the name of the conference point to display the conference point details.
April 2018 Deploying Avaya Equinox Solution 349 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Figure 129: Conference Point Details 7. Click the Conference Point IP address link to access the conference point. 8. Log in to the conference point. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: administrator • Password: Avaya123! 9. Click System Configuration > License Information to view the license information for the recording component. Related links Viewing license information on page 348
Viewing license information for the delivery node The delivery component is called a delivery node or DN. Procedure 1. Log in to Equinox Streaming and Recording. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: admin
April 2018 Deploying Avaya Equinox Solution 350 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
• Password: admin 2. Select the Devices tab. 3. From the Browse menu on the left, click Delivery Nodes. 4. On the Delivery Nodes page, view the License Status column to see the status of the license. 5. Follow the remaining steps if you require more detailed license information. 6. Click the name of the delivery node to display the delivery node details. 7. Click the Delivery Node IP address link to access the delivery node. 8. Log in to the delivery node. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: administrator • Password: Avaya123! 9. From the menu across the top, click Upgrade. 10. View the license information for the delivery component in the Current License Information panel. Related links Viewing license information on page 348
Configuring external addresses for public interfaces About this task To secure the Equinox Streaming and Recording public interfaces, proper certificates have to be generated. The certificates have to match the fully qualified domain name (FQDN) or the IP address of the machine. Avaya recommends setting the use of FQDNs. When you configure your system to use FQDNs, they need to be used to register every device with the Equinox Streaming and Recording Manager. You must also configure Equinox Streaming and Recording to use external addresses, using the FQDN, and not the IP address. Procedure 1. Configure the external address of the delivery node. a. Type https://
April 2018 Deploying Avaya Equinox Solution 351 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
e. Click Submit. 2. Configure the external address for the conference point. a. Type https://
April 2018 Deploying Avaya Equinox Solution 352 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Registering each of the components After you have applied a license to each of the components of the Avaya Equinox Streaming and Recording Server, you must register them with the Avaya Equinox Streaming and Recording Server Manager. You must register all delivery nodes, virtual delivery nodes, and conference points with the Manager. In addition, you must register the transcoder with the conference point. You do not have to register the transcoder with the Manager. About this task The registration process is the same for all delivery nodes, virtual delivery nodes, and conference points. Procedure 1. Type https://
April 2018 Deploying Avaya Equinox Solution 353 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
8. (Optional) Verify the registration for the delivery node or virtual delivery node. a. Type https://
Figure 130: Transcoder Registration Next steps Return to the Installation checklist on page 331 to see your next task.
April 2018 Deploying Avaya Equinox Solution 354 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Related links Unregistering each of the components on page 355 Unregistering each of the components If you plan to move a device to a different Equinox Streaming and Recording environment, unregister the device before changing its location. If you do not unregister the device using the Equinox Streaming and Recording Manager, you must unregister it using its local web interface before you can register it to the new Equinox Streaming and Recording environment. About this task The process of unregistering is the same for all delivery nodes, virtual delivery nodes, and conference points. Procedure 1. Log in to Equinox Streaming and Recording. 2. Click the Devices tab. 3. From the Browse menu, select the device you want to access. A list of devices of that type is displayed. 4. Click Advanced Options. 5. Select one of the devices. The device details dialog is displayed. 6. Click Unregister. Related links Registering each of the components on page 353
Configuring delivery nodes Delivery nodes (DN) store all content that is created by the conference point and deliver the content to client systems at playback time. You must associate the conference point with the delivery nodes. A source DN is the original DN that receives a recording file from its associated conference point. A source DN sends the recording file to all of the other DNs in the network. Equinox Streaming and Recording supports deployments containing a mix of different servers with varying amounts of storage capacities. You can have DNs with large amounts of free space and DNs with limited space. To maximize available storage, you can configure DNs which delete old recordings when the disk is almost full and you can configure DNs which permanently store all recordings. • An edge DN is a DN on which content is stored wherever possible but this content can expire. Older content makes way for newer content.
April 2018 Deploying Avaya Equinox Solution 355 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
• A master DN is a delivery node which permanently holds all content. Typically, you assign master status to the DN with the largest storage capacity. If your deployment only contains a single DN, that DN is automatically added as the master DN. For playback, you can configure rules to determine which DN is selected when a user wants to access a recording. For example, you might want to use the DN closest to the user location, or you might want to direct the user to the original source DN. The DN closest to the user location or the original source DN may be edge DNs. Typically, if you have a master DN, that DN becomes the source DN for all recordings. If you want to expand your storage capabilities with an external storage device, it is a good idea to make the DN which is connected to the external storage device the master DN. Edge DNs are programmed with rules which determine how recordings are selected for deletion. When the disk capacity reaches 90%, content is removed until the capacity reaches 70%. Only recordings which have been copied to other DNs can be deleted. Recordings are scheduled for deletion as follows: • Recordings created over a week ago and never accessed. • Recordings created over a week ago with the greatest amount of elapsed time since the last access attempt. • Recordings created less than a week ago and never accessed, oldest creation time first. • Recordings created less than a week ago with the greatest amount of elapsed time since the last access attempt. Equinox Streaming and Recording stops creating new recordings and triggers an alert when capacity on the master DN reaches 90%. Equinox Streaming and Recording stops any recordings in progress and triggers an alert when capacity on the master DN reaches 95%. If the capacity on an edge DN reaches 90%, Equinox Streaming and Recording stops creating new recordings on that particular edge DN. Technically, this should never happen because of the intelligent expiration and deletion rules. Avaya recommends performing regular backups on the master DN. You do not have to perform backups on the edge DNs. Equinox Streaming and Recording enables you to redistribute and synchronize any media if you have to restore a master DN using the Replace with new DN field in the Advanced Options panel. The Delivery Node Details dialog displays a list of recording files, known as Source Programs and Distributed Programs. Source programs are programs (recording files) for which this delivery node is the main source for storage. Distributed programs are programs which other delivery nodes have forwarded to this delivery node. Procedure 1. Log in to Equinox Streaming and Recording. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: admin • Password: admin 2. Select the Devices tab.
April 2018 Deploying Avaya Equinox Solution 356 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
3. From the Browse menu on the left, click Delivery Nodes. 4. Click the name of the delivery node to display the delivery node details.
Figure 131: Delivery Node Details 5. Configure the settings, as described in Table 56: Delivery Node Details on page 357.
Table 56: Delivery Node Details
Field Name Description Name Enter a name for the delivery node. Version Verify the version and MAC address of the delivery node. Parent Delivery Node Select a delivery node. The Parent Delivery Node distributes content to the delivery node and vice versa (child to parent). If this is a core or parent for the system then change the value from Not Configured to None. WAN Bandwidth Limit Specify the maximum bandwidth, in Kbps, that this delivery node can use when receiving/ transferring content. If you enter 0 (zero), the bandwidth is unlimited. Disk Usage The percentage of storage space that is currently used to store recordings. You can also Table continues…
April 2018 Deploying Avaya Equinox Solution 357 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Field Name Description view the number of users who are currently accessing recordings or broadcasts. Active Viewers You can view the number of users who are currently accessing recordings. Active Live Stream Viewers You can view the number of users who are currently accessing broadcasts. Allow programs to be played from parent if not If your deployment contains a hierarchical available locally relationship between DNs, you can enable playback from a ‘parent’ DN if the recording is not available on the ‘child’ DN. Select this checkbox to enable playback from a parent. If you have not configured hierarchical relationships in your deployment, this checkbox is not available. This Delivery Node is the Master Delivery Node Select this checkbox to assign master status to this DN. This means that programs on this delivery node are protected from automatic expiration (deletion). A master DN is a delivery node which permanently holds all content. Typically, you assign master status to the DN with the largest storage capacity. If your deployment only contains a single DN, that DN is automatically added as the master DN. Enable maintenance mode Select to disable the device so that you can add or remove external storage (DN) or take it out of service (CP and DN). When a device is in maintenance mode, it does not accept new recordings and users cannot playback recordings that are stored on it. Enable External Storage Device You can expand your storage capacity by installing and configuring an external storage device called a storage area network(SAN), which uses the SCSI protocol over TCP/IP (iSCSI). Select this checkbox to enable this configuration. 6. (Optional) If you have configured your system to enable individual delivery nodes to specify the distribution policy, then an additional panel is displayed. Configure the settings, as described in Table 57: Override Default Distribution Policy Panel on page 359.
April 2018 Deploying Avaya Equinox Solution 358 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Table 57: Override Default Distribution Policy Panel
Field Description Unicast Only Select to enable only unicasting from the source delivery node. Multicast Only Select to enable only multicasting from the source delivery node. If you select this option and the client technically supports the playing of multicast but the network location does not support multicasting, viewers cannot view the program. Multicast and Unicast (Unicast Rollover if Select to enable the stream to be unicast from Multicast is Unsuccessful) the source delivery node if the client does not support multicasting. If you select this option but multicast facilities are not available on the source delivery node, the unicast rollover does not occur.
Note: These settings only impact MMS streams. You can specify Multicast Only and still deliver HLS streams. 7. (Optional) Select a recording distribution policy, as described in the table below.
Table 58: Recording Distribution Policy
Recording Distribution Description Policy Pre-populate recordings Distribute all recordings and broadcasts to this delivery node. This is to this DN the default value. Configure this DN for Distribute all broadcasts to this delivery node but do not download any Broadcast-only recordings. Distribute recordings on Distribute recordings to this delivery node only if they are requested demand by a user. 8. (Optional) Click Advanced Options and configure the settings as described in Table 59: Advanced Options on page 359.
Table 59: Advanced Options
Field Description Distribute All Programs Select to take all the programs in the system from other source nodes and copy them to this delivery node. Table continues…
April 2018 Deploying Avaya Equinox Solution 359 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Field Description Replace with new DN Use this setting when bringing on a replacement delivery node for an older or broken system. Synchronize Select to ensure that all programs are distributed to their assigned delivery nodes. Only perform this step if programs have indicated failure or pending for some time. When you click Synchronize, Equinox Streaming and Recording attempts to complete any failed or pending distributions for a given DN. You can check the progress of the synchronization by checking the DN program listing on the Delivery Node screen. This feature is useful when adding a new DN, or moving an existing DN within a DN hierarchy. The programs are not updated until you click Synchronize . You may also want to click Synchronize if a delivery node has been offline for some time and needs to synchronize programs that have occurred during this time. 9. Click Save.
Configuring virtual delivery nodes A virtual delivery node (VDN) delivers content to a global content delivery network (CDN) provider for cloud-based viewer playback. The appliance and the network of the CDN act as one delivery mechanism. Therefore, the VDN appliance and the CDN together create the Equinox Streaming and Recording VDN solution. When you configure a VDN, you can choose to transfer the recordings to Highwinds CDN using File Transfer Protocol (FTP) or you can choose to transfer the recordings to Highwinds Cloud Storage (HCS) using secure, authenticated, APIs. If your account is HCS-enabled, it supports a more secure method for transferring recordings. FTP does not use any encryption to transfer the files to CDN. The HCS APIs use Secure Sockets Layer (SSL). For more information, see Highwinds Cloud Storage. Upon program creation, the publisher includes the options of distributing the program to delivery nodes and to the Equinox Streaming and Recording VDN solution. VDN supports publishing recordings as well as live broadcast. You can view the programs distributed to the VDN appliance and to be delivered to the CDN with the associated status of the program.
April 2018 Deploying Avaya Equinox Solution 360 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Procedure 1. Log in to Equinox Streaming and Recording. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: admin • Password: admin 2. Select the Devices tab. 3. From the Browse menu on the left, click VDN. 4. Click the name of the VDN to display the VDN details. Equinox Streaming and Recording supports a single VDN in any deployment. 5. Configure the settings, as described in the table below.
Table 60: VDN Details
Field Name Description Name Enter a name for the delivery node. Version Verify the version and MAC address of the delivery node. MAC Address Source DN Select a delivery node from where this VDN retrieves content. Status View the status of the VDN. It can be Up or Unreachable. View the disk usage. The delivery Disk Usage node supports a total of approximately 600GB (Avaya Common Server 2) or 900GB (Avaya Common Server 3) at RAID level 1. Allow programs to be played from the source Select to enable the redundancy logic to revert DN if not on CDN to the source delivery node if a requested recording is not on the CDN. 6. Select a recording distribution policy, as described in the table below.
Table 61: Recording Distribution Policy
Recording Distribution Description Policy Pre-populate recordings Distribute all recordings and broadcasts to this delivery node. This is to this DN the default value. Configure this DN for Distribute all broadcasts to this delivery node but do not download any Broadcast-only recordings. Distribute recordings on Distribute recordings to this delivery node only if they are requested demand by a user.
April 2018 Deploying Avaya Equinox Solution 361 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Note: If this system is in enterprise mode, the CDN panel is displayed here. If this system is in multi-tenant mode, the CDN panel is displayed in the Organizations tab. 7. Do one of the following: • Select Highwinds CDN to transfer recordings to Highwinds CDN using File Transfer Protocol (FTP) and configure the settings, as described in Table 62: Highwinds CDN on page 362.
Table 62: Highwinds CDN
Field Description Account Hash Enter the account hash value taken from Strike Tracker 3 Portal. Host Hash Enter the host hash value taken from Strike Tracker 3 Portal Host Configuration. Username Enter the StrikeTracker 3 username and password that you used to purchase the CDN Password service. FTP User Name This field enables the uploading of recordings to the CDN. Enter proper cloud storage FTP FTP Password credentials specific to the customer account. You receive these credentials when you purchase the CDN service. Enable maintenance mode Select to disable the device so that you can add or remove external storage (DN) or take it out of service (CP and DN). When a device is in maintenance mode, it does not accept new recordings and users cannot playback recordings that are stored on it. • Select Highwinds Cloud Storage to transfer recordings to Highwinds Cloud Storage (HCS) using secure, authenticated, APIs and configure the settings, as described in Table 63: Highwinds Cloud Storage on page 362. For this option, you must enable HCS on your Highwind’s account.
Table 63: Highwinds Cloud Storage
Field Description Account Name Enter the account name taken from Strike Tracker 3 Portal. Host Hash Enter the host hash value taken from Strike Tracker 3 Portal Host Configuration. HCS Username Enter the StrikeTracker 3 username and password that you used to purchase the CDN HCS Password service. Table continues…
April 2018 Deploying Avaya Equinox Solution 362 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Field Description Enable maintenance mode Select to disable the device so that you can add or remove external storage (DN) or take it out of service (CP and DN). When a device is in maintenance mode, it does not accept new recordings and users cannot playback recordings that are stored on it. 8. Click Save. Next steps In order for the VDN to push content to the CDN, you must configure your network to enable external access because the VDN must have access to the Internet in order to communicate with the CDN. If you have a firewall, you can place the VDN in a DMZ or you can open the appropriate ports on the firewall to enable external communication. Specifically, the VDN must be able to access upload.hwcdn.net using FTP on port 21. In addition, the VDN requires HTTP or HTTPS acccess to the CDN.
Configuring conference points You must configure a conference point to capture H.323 video content and deliver live and on demand webcasting. The Equinox Streaming and Recording conference point includes an embedded transcoder to convert H.323 calls into Windows Media or .MP4 format. Each conference point must be associated with a delivery node. A delivery node streams and optionally archives the content captured by the conference point and delivers it to client systems. You can configure a conference point to be in a geographic location. This means that you can assign a location to one or more conference points which coincide with locations set for Scopia Elite MCUs and/or Equinox Media Servers in Equinox Management. When a program starts, Equinox Management includes the desired location, and a conference point close to the MCU/ Media Server can be selected. If there are no conference points matching the location passed by Equinox Management, then any conference points without a location are treated as a single pool of conference points, and one of those is selected. If there are no conference points available, the call fails. Each conference point has a limit to the number of simultaneous high definition or standard definition calls it can handle. Procedure 1. Log in to Equinox Streaming and Recording. The following credentials are the default credentials, but when you first log in, you are prompted to update your password: • Username: admin • Password: admin 2. Select the Devices tab. 3. From the Browse menu on the left, click Conference Points.
April 2018 Deploying Avaya Equinox Solution 363 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
4. Click the name of the conference point to display the conference point details.
Figure 132: Conference Point Details 5. Configure the settings, as described in Table 64: Conference Point Details on page 364.
Table 64: Conference Point Details
Field Name Description Name Enter a name for the conference point. Version Verify the version and MAC address of the conference point. Source DN Select a delivery node. Alternatively, you can select a delivery node from the Source Group field. Source Group Select a delivery node viewer group. Alternatively, you can select a delivery node from the Source DN field. The Source Group field displays any viewer groups. A viewer group is a group of delivery nodes and these groups offer redundancy. If one of the delivery nodes in a group is not available, an alternative delivery node from the same group is selected. Table continues…
April 2018 Deploying Avaya Equinox Solution 364 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Field Name Description Location Enter a location. The location must match a location specified for a Scopia Elite MCU and/or Equinox Media Server in Equinox Management. If you are not specifying locations in Equinox Management, you should leave it blank. Enable maintenance mode Select to disable the device so that you can add or remove external storage (DN) or take it out of service (CP and DN). When a device is in maintenance mode, it does not accept new recordings and users cannot playback recordings that are stored on it. Gatekeeper IP Enter the IP address for the gatekeeper with which you plan to register. The gatekeeper must be the same as the one used by Equinox Management. Gatekeeper Service Prefix This is an optional field. Enter the service prefix designator for this conference point. You should leave this field as blank. 6. Click Save.
Specifying polling intervals and the network address About this task You must specify how frequently the Equinox Streaming and Recording communicates with the other components, such as the conference points and delivery nodes. You must also specify the network on which the Equinox Streaming and Recording resides. The polling interval should be in proportion to the number of devices. The fewer the devices, the shorter the intervals. For example, if you have over 200 delivery nodes, Avaya recommends setting the polling to 5 minutes. The polling frequency affects the latency between the status transitions of the remote device and the appearance of the status on the details page for the device. Procedure 1. Log in to Equinox Streaming and Recording. 2. Click the Global Policies tab. 3. Click General Options. 4. Configure the settings, as described in Table 65: Polling Settings on page 366.
April 2018 Deploying Avaya Equinox Solution 365 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
Table 65: Polling Settings
Field Name Description Conference Point Polling Frequency Specify how often the Equinox Streaming and Recording Manager checks for device configuration or status changes for each of the conference points. Delivery Node Polling Frequency Specify how often the Equinox Streaming and Recording Manager checks for device configuration or status changes for each of the delivery nodes. Network Address for Device Communication Enter the IP address or DNS name of the Equinox Streaming and Recording Manager. This is the address that the other devices (delivery nodes, conference points, virtual delivery nodes) will use to communicate with the Equinox Streaming and Recording Manager. If split-horizon DNS is being used, use the DNS name for the Equinox Streaming and Recording Manager. Since this address is used by the other devices to communicate back to the Equinox Streaming and Recording Manager, it is important to specify the correct routable address. Retain Deleted Recordings For 5. Click Save.
Configuring the recycle bin For multi-tenant deployments, the same options are available for recycling, but they are on a per- tenant basis and so are displayed in the Organization tab. Procedure 1. Log in to Equinox Streaming and Recording. 2. Click the Global Policies tab. 3. Click General Options. 4. Configure the settings, as described in Table 66: Retain deleted recordings for: on page 367.
April 2018 Deploying Avaya Equinox Solution 366 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
Table 66: Retain deleted recordings for:
Field Name Description Forever Select to ensure that recordings/programs are never deleted from the recycle bin. For X days Type the number of days for which the recycle bin should keep recordings/programs. The default value is 30. Do not retain deleted recordings (once deleted, Select to disable the recycle bin feature. they cannot be recovered) 5. Click Save.
Adding and Modifying Equinox Streaming and Recording Servers in Equinox Management About this task This section explains how to configure Avaya Equinox Streaming and Recording Server settings in Equinox Management. Procedure 1. Access the Equinox Management administrator portal. 2. In the Devices tab, select Streaming & Recording Server. 3. If you are modifying the Equinox Streaming and Recording Server, select the link in the Name column, or select Add to create the Equinox Streaming and Recording Server profile. The Add Streaming & Recording Server page appears (Figure 133: Adding an Avaya Equinox Streaming and Recording server on page 367).
Figure 133: Adding an Avaya Equinox Streaming and Recording server
April 2018 Deploying Avaya Equinox Solution 367 Comments on this document? [email protected] Avaya Equinox Streaming and Recording deployment
4. Configure the Equinox Streaming and Recording Server’s settings, as described in (Table 67: Configuring the Avaya Equinox Streaming and Recording on page 368).
Table 67: Configuring the Avaya Equinox Streaming and Recording
Field Name Description Name Enter a name to identify the Equinox Streaming and Recording Server. IP address/FQDN Enter the management IP address or the FQDN of the Equinox Streaming and Recording Server. If the server is being deployed in the DMZ, this value must be an FQDN or an IP address that everyone can access. If the server is being deployed inside the network but is accessible externally using reverse proxy, this value must be an FQDN which resolves to the reverse proxy when outside the network. Username Enter the administrative username used to login to the Equinox Streaming and Recording Server portal. The default is admin. If you change the username in the Equinox Streaming and Recording Server, you must update the username here. Password Enter the administrative password used to login to the Equinox Streaming and Recording Server portal. The default is admin. If you change the password in the Equinox Streaming and Recording Server, you must update the password here. Secure connection using HTTPS Select to enable HTTPS, which encrypts the communication between the Equinox Streaming and Recording Server and the client. To enable HTTP, deselect the checkbox. Important: This option is not available until you first configure the server in Equinox Management, and it connects to the Equinox Streaming and Recording Server. When you subsequently open this page, the option becomes available only if you have a regular license. If you have a non-encrypted license, you cannot secure the connection. 5. Select OK to save your changes.
Configuring the Avaya Equinox Recording Gateway Audio-only and audio and web collaboration conferences use SIP. Video, audio, and web collaboration conferences use H.323. In order to support this mix of protocols, you must deploy an Avaya Equinox Recording Gateway. You can deploy the Equinox Recording Gateway using the Avaya Equinox Management interface. When a user records a conference, Equinox Management identifies the type of recording that is required by the user. The Audio Service and Audio Service with Web Collaboration meeting types are used when a user requests the recording of an audio-only or audio and web collaboration conference. When a user requests the recording of a full video, audio, and web collaboration conference, Equinox Recording Gateway is not used except in the case of a multi-stream video
April 2018 Deploying Avaya Equinox Solution 368 Comments on this document? [email protected] Installing Avaya Equinox Streaming and Recording
switched conference. Since Equinox Streaming and Recording does not support recording multi- stream video switched conferences, the Equinox Recording Gateway is needed in this case as well. In this release, the Equinox Recording Gateway records only the active speaker video when no content is shared or records the content along with a smaller window showing the active speaker video (gallery layout). About this task This section summarizes the steps for configuring the Equinox Recording Gateway to enable it to be used for the recording of conferences that use SIP. For more information on adding the gateway to Equinox Management and for information on configuring the meeting types, see Administering Avaya Equinox Management, which is available on support.avaya.com. Procedure • Add the Equinox Recording Gateway as a gateway, in Equinox Management. There is a drop-down menu, called Avaya Recording Gateway. • Upload the default audio prompts to the Equinox Recording Gateway. • Verify that the two new meeting types are displayed in the Equinox Management interface. • Ensure that you are logged into Equinox Management as an administrator. • Two meeting types are available and can be selected when configuring your virtual room or scheduling a meeting. They are Audio Service and Audio Service with Web Collaboration.
April 2018 Deploying Avaya Equinox Solution 369 Comments on this document? [email protected] Chapter 16: Upgrading to the Avaya Equinox solution
Upgrading the Equinox Solution For the latest and detailed upgrade procedures (including the backup and restoration of configurations files), see the product’s release notes and administrator guides on http:// support.avaya.com. Administrator guides are listed in the Documentation on page 371 section.
April 2018 Deploying Avaya Equinox Solution 370 Comments on this document? [email protected] Chapter 17: Resources
Documentation See the following related documents at http://support.avaya.com.
Title Use this document to: Audience Implementing Deploying Avaya Equinox Solution Plan for and deploy Avaya Equinox Partners, Services, Solution and Support personnel Deployment Guide for Avaya Plan for and deploy Avaya Equinox H.323 Partners, Services, Equinox H.323 Edge Edge and Support personnel Deployment Guide for Avaya Plan for and deploy Avaya Scopia® XT Partners, Services, Scopia® XT Series Series and Support personnel Deployment Guide for XT Plan for and deploy XT Telepresence Partners, Services, Telepresence and Support personnel Deployment Guide for Avaya Video Plan for and deploy Avaya Video Partners, Services, Collaboration Solution for IP Office Collaboration Solution for IP Office and Support personnel Deployment Guide for Avaya Plan for and deploy Avaya Equinox Add-in Partners, Services, Equinox Add-in for IBM Lotus Notes for IBM Lotus Notes and Support personnel Avaya Equinox Solution Guide for Plan for and deploy Avaya Equinox Partners, Services, Small to Medium (SMB) Enterprises Solution for small and medium enterprises and Support personnel Avaya Equinox Solution Guide for Plan for and deploy Avaya Equinox Partners, Services, Medium to Large Enterprises Solution for medium and large enterprises and Support personnel Avaya Equinox Solution Guide for Plan for and deploy Avaya Equinox Partners, Services, Large Enterprises and Service Solution for large enterprises and service and Support Providers providers personnel Table continues…
April 2018 Deploying Avaya Equinox Solution 371 Comments on this document? [email protected] Resources
Title Use this document to: Audience Installation Notes — Discovering the Install XT Server Partners, Services, IP address of the XT Server and Support personnel Rack Mounting Guide for Avaya Install the Avaya Scopia® Elite 6000 MCU Partners, Services, Scopia® Elite 6000 MCU hardware and Support personnel Administering Administrator Guide for Avaya Perform administration tasks for Avaya System Scopia® Elite 6000 MCU Scopia® Elite 6000 MCU administrators Administrator Guide for Avaya Perform administration tasks for Avaya System Scopia® Elite 6000 MCU for Avaya Scopia® Elite 6000 MCU for Avaya Aura® administrators Aura® Power Suite Power Suite Administering Avaya Equinox Media Perform administration tasks for Avaya System Server Equinox Media Server administrators Administrator Guide for Avaya Perform administration tasks for Avaya System Equinox Management Equinox Management administrators Administrator Guide for Avaya Perform administration tasks for Avaya System Equinox Streaming and Recording Equinox Streaming and Recording Server administrators Server Quick Setup Guide for Avaya Perform administration tasks for the Avaya System Scopia® XT5000 Codec Only Scopia® XT5000 codec administrators Avaya Scopia® XT5000 Codec Only Perform administration tasks for the Avaya System Scopia® XT5000 codec administrators Avaya Scopia® XT Executive 240 Perform administration tasks for Avaya System Scopia® XT Executive 240 administrators Avaya Scopia® XT5000 Server for Perform administration tasks for Avaya System IP Office Scopia® XT5000 Server for IP Office administrators Avaya Scopia® XT Premium 3–way Perform administration tasks for Avaya System Microphone Pod Scopia® XT Premium 3–way Microphone administrators Pod Avaya Scopia® XT4300 Perform administration tasks for Avaya System Scopia® XT4300 administrators Avaya Scopia® XT4300 Codec Only Perform administration tasks for the Avaya System Scopia® XT4300 codec administrators Avaya Scopia® XT7100 Codec Only Perform administration tasks for the Avaya System Scopia® XT7100 codec administrators Avaya Scopia® XT Deluxe Camera Perform administration tasks for Avaya System Scopia® XT Deluxe Camera administrators Avaya Scopia® XT Flex Camera Perform administration tasks for Avaya System Scopia® XT Flex Camera administrators Quick Tips for Avaya Scopia® XT Perform administration tasks for Avaya System Series Scopia® XT Series administrators Table continues…
April 2018 Deploying Avaya Equinox Solution 372 Comments on this document? [email protected] Documentation
Title Use this document to: Audience Supporting Reference Guide for Avaya Equinox Understand how to perform administration System Management XML API tasks on Avaya Equinox Management administrators, Customers, Partners, Services, and Support personnel SAMPLE Reference Guide for Understand how to perform administration System Avaya Equinox Management XML tasks on Avaya Equinox Management administrators, API Customers, Partners, Services, and Support personnel Reference Guide for Avaya Equinox Understand how to configure Avaya System Management SNMP Traps Equinox Management to send information administrators, to a remote SNMP management client of its Customers, Partners, operational status Services, and Support personnel Reference Guide for Avaya Equinox Understand how to perform administration System Management CDR Files tasks on Avaya Equinox Management administrators, Customers, Partners, Services, and Support personnel Reference Guide for Port Security Understand how to perform the System for Avaya Equinox Solution administration tasks on Avaya Equinox administrators, Solution Customers, Partners, Services, and Support personnel Purchasing Guide for AvayaLive™ Understand how to purchase AvayaLive™ System Video Video administrators, Customers, Partners, Services, and Support personnel Using Using Avaya Equinox Unified Portal Understand the features of and use Avaya Customers Equinox Unified Portal User Guide for Avaya Equinox H. Understand the features of and use Avaya Customers 323 Edge Client Equinox H.323 Edge Client User Guide for Avaya Scopia® XT Understand the features of and use Avaya Customers Series Scopia® XT Series User Guide for Avaya Equinox Understand the features of and use Avaya Customers Management Equinox Management User Guide for Avaya Equinox Add- Understand the features of and use Avaya Customers in for IBM Lotus Notes Equinox Add-in for IBM Lotus Notes Table continues…
April 2018 Deploying Avaya Equinox Solution 373 Comments on this document? [email protected] Resources
Title Use this document to: Audience User Guide for Avaya Equinox Add- Understand the features of and use Avaya Customers in for Microsoft Outlook Equinox Add-in for Microsoft Outlook User Guide for Avaya Equinox Add- Understand the features of and use Avaya Customers in for Microsoft Outlook for Avaya Equinox Add-in for Microsoft Outlook for Aura® Power Suite Avaya Aura® Power Suite User Guide for Avaya Scopia® Understand the features of and use Avaya Customers Control Scopia® Control
Finding documents on the Avaya Support website Procedure 1. Navigate to http://support.avaya.com/. 2. At the top of the screen, type your username and password and click Login. 3. Click Support by Product > Documents. 4. In Enter your Product Here, type the product name and then select the product from the list. 5. In Choose Release, select an appropriate release number. 6. In the Content Type filter, click a document type, or click Select All to see a list of all available documents. For example, for user guides, click User Guides in the Content Type filter. The list displays the documents only from the selected category. 7. Click Enter.
Training The following courses are available on the Avaya Learning website at http://www.avaya- learning.com. After logging in to the website, enter the course code or the course title in the Search field and press Enter or click > to search for the course.
Course code Course title Avaya Equinox administration training course 2038W Avaya Equinox Administration Avaya Equinox Team Engagement solution courses 3140W Avaya Equinox Solutions Overview 3170W Avaya Equinox Solutions Customer Field Study Table continues…
April 2018 Deploying Avaya Equinox Solution 374 Comments on this document? [email protected] Support
Course code Course title 3171T APDS Avaya Enterprise Team Engagement Solutions Online Test Avaya Equinox Over The Top solution courses 3281W Avaya Video Conferencing Solutions Overview 3283W Avaya Video Conferencing Solutions Customer Field Study 3271T APDS Avaya Video Conferencing Solutions Online Test Avaya Equinox Sales course 3140WD02 Designing Avaya Equinox Clients & Breeze Client SDK Sales Readiness Quiz 3140WD03 Avaya Equinox Sales Readiness — Design Delta Training
Support Go to the Avaya Support website at http://support.avaya.com for the most up-to-date documentation, product notices, and knowledge articles. You can also search for release notes, downloads, and resolutions to issues. Use the online service request system to create a service request. Chat with live agents to get answers to questions, or request an agent to connect you to a support team if an issue requires additional expertise.
Using the Avaya InSite Knowledge Base The Avaya InSite Knowledge Base is a web-based search engine that provides: • Up-to-date troubleshooting procedures and technical tips • Information about service packs • Access to customer and technical documentation • Information about training and certification programs • Links to other pertinent information If you are an authorized Avaya Partner or a current Avaya customer with a support contract, you can access the Knowledge Base without extra cost. You must have a login account and a valid Sold-To number. Use the Avaya InSite Knowledge Base for any potential solutions to problems. 1. Go to http://www.avaya.com/support. 2. Log on to the Avaya website with a valid Avaya user ID and password. The system displays the Avaya Support page. 3. Click Support by Product > Product Specific Support. 4. In Enter Product Name, enter the product, and press Enter.
April 2018 Deploying Avaya Equinox Solution 375 Comments on this document? [email protected] Resources
5. Select the product from the list, and select a release. 6. Click the Technical Solutions tab to see articles. 7. Select relevant articles.
April 2018 Deploying Avaya Equinox Solution 376 Comments on this document? [email protected] Glossary
1080p See Full HD on page 381.
2CIF 2CIF describes a video resolution of 704 x 288 pixels (PAL) or 704 x 240 (NTSC). It is double the width of CIF, and is often found in CCTV products.
2SIF 2SIF describes a video resolution of 704 x 240 pixels (NTSC) or 704 x 288 (PAL). This is often adopted in IP security cameras.
4CIF 4CIF describes a video resolution of 704 x 576 pixels (PAL) or 704 x 480 (NTSC). It is four times the resolution of CIF and is most widespread as the standard analog TV resolution.
4SIF 4SIF describes a video resolution of 704 x 480 pixels (NTSC) or 704 x 576 (PAL). This is often adopted in IP security cameras.
720p See HD on page 383.
AAC AAC is an audio codec which compresses sound but with better results than MP3.
AGC (Automatic Gain Automatic Gain Control (AGC) smooths audio signals through Control) normalization, by lowering sounds which are too strong and strengthening sounds which are too weak. This is relevant with microphones situated at some distance from the speaker, like room systems. The result is a more consistent audio signal within the required range of volume.
Alias An alias in H.323 represents the unique name of an endpoint. Instead of dialing an IP address to reach an endpoint, you can dial an alias, and the gatekeeper resolves it to an IP address.
Auto-Attendant Auto-Attendant is a video-based IVR which provides quick access to meetings through a set of visual menus. Participants can select the DTMF tone-based menu options using the standard numeric keypads of endpoints. Auto-Attendant works with H.323 and SIP endpoints.
Avaya Equinox The Avaya Equinox Streaming and Recording Manager provides a web- Streaming and based interface to configure and manage Equinox Streaming and Recording Manager Recording Server software, devices, services, and users. The Equinox Streaming and Recording Server Manager application resides on a single
April 2018 Deploying Avaya Equinox Solution 377 Comments on this document? [email protected] Glossary
hardware platform and provides access to all content in the Equinox Streaming and Recording Server environment.
Avaya Equinox The Equinox Streaming and Recording Server Manager provides a portal Streaming and for administering content. When you log in to the web interface, you can Recording Manager access the Administrator portal. Portals
Avaya Scopia See Content Slider on page 379. Content Slider
Balanced A balanced microphone uses a cable that is built to reduce noise and Microphone interference even when the cable is long. This reduces audio disruptions resulting from surrounding electromagnetic interference.
BFCP (Binary Floor BFCP is a protocol which coordinates shared videoconference features in Control Protocol) SIP calls, often used by one participant at a time. For example, when sharing content to others in the meeting, one participant is designated as the presenter, and is granted the floor for presenting. All endpoints must be aware that the floor was granted to that participant and react appropriately.
Bitrate Bitrate is the speed of data flow. Higher video resolutions require higher bitrates to ensure the video is constantly updated, thereby maintaining smooth motion. If you lower the bitrate, you lower the quality of the video. In some cases, you can select a lower bitrate without noticing a significant drop in video quality; for example during a presentation or when a lecturer is speaking and there is very little motion. Bitrate is often measured in kilobits per second (kbps).
Call Control See Signaling on page 389.
Cascaded A cascaded videoconference is a meeting distributed over more than one Videoconference physical Scopia Elite MCU and/or Equinox Media Server, where a master MCU/Media Server connects to one or more slave MCUs/Media Servers to create a single videoconference. It increases the meeting capacity by combining the resources of several MCUs/Media Servers. This can be especially useful for distributed deployments across several locations, reducing bandwidth usage.
CDN Equinox Streaming and Recording enables you to publish content to the cloud, using a virtual delivery node (VDN) and a content delivery network (CDN). The VDN and the network of the CDN act as one delivery mechanism. When a user creates a recording (program), they can choose to distribute it to the CDN, as well as to the regular delivery node (DN).
April 2018 Deploying Avaya Equinox Solution 378 Comments on this document? [email protected] CIF
CIF CIF, or Common Intermediate Format, describes a video resolution of 352 × 288 pixels (PAL) or 352 x 240 (NTSC). This is sometimes referred to as Standard Definition (SD).
Conference Point The Avaya Equinox Streaming and Recording Conference Point is a video conferencing gateway appliance that captures standard or high definition video conferences. It transcodes, creates, and records the video conferences in a streaming media format. You can use it to capture H.323 video for instant video webcasting or on-demand publishing.
Content Slider The Avaya Scopia Content Slider stores the data already presented in the videoconference and makes it available for participants to view during the meeting.
Continuous Continuous presence enables viewing multiple participants of a Presence videoconference at the same time, including the active speaker. This graphics-intensive work requires scaling and mixing the images together into one of the predefined video layouts. The range of video layouts depends on the type of media processing supported, typically located in the MCU/Media Server.
Control Control, or media control, sets up and manages the media of a call (its audio, video and data). Control messages include checking compatibility between endpoints, negotiating video and audio codecs, and other parameters like resolution, bitrate and frame rate. Control is communicated via H.245 in H.323 endpoints, or by SDP in SIP endpoints. Control occurs within the framework of an established call, after signaling.
CP See Continuous Presence on page 379.
Dedicated Endpoint A dedicated endpoint is a hardware endpoint for videoconferencing assigned to a single user. It is often referred to as a personal or executive endpoint, and serves as the main means of video communications for this user. For example, XT Executive. It is listed in the organization's LDAP directory as associated exclusively with this user.
Delivery Node The Avaya Equinox Streaming and Recording Delivery Node provides on- demand and broadcast video delivery. You can use it alone or in a hierarchy of devices. It supports thousands of concurrent streams. The Delivery Node uses intelligent routing, content caching, and inherent redundancy to ensure transparent delivery of high-quality video.
Dial Plan A dial plan defines a way to route a call and to determine its characteristics. In traditional telephone networks, prefixes often denote geographic locations. In videoconferencing deployments, prefixes are also used to define the type and quality of a call. For example, dial 8 before a number for a lower bandwidth call, or 6 for an audio-only call, or 5 to route the call to a different branch.
April 2018 Deploying Avaya Equinox Solution 379 Comments on this document? [email protected] Glossary
Dial Prefix A dial prefix is a number added at the beginning of a dial string to route it to the correct destination, or to determine the type of call. Dial prefixes are defined in the organization's dial plan. For example, dial 9 for an outside line, or dial 6 for an audio only call.
Distributed A distributed deployment describes a deployment where the solution Deployment components are geographically distributed in more than one network location.
DNS Server A DNS server is responsible for resolving domain names in your network by translating them into IP addresses.
DTMF DTMF, or touch-tone, is the method of dialing on touch-tone phones, where each number is translated and transmitted as an audio tone.
Dual Video Dual video is the transmitting of two video streams during a videoconference, one with the live video while the other is a shared data stream, like a presentation.
Dynamic Video The dynamic video layout is a meeting layout that switches dynamically to Layout include the maximum number of participants it can display on the screen (up to 9 on the XT Series, or up to 28 on Scopia Elite MCU and/or Equinox Media Server). The largest image always shows the active speaker.
E.164 E.164 is an address format for dialing an endpoint with a standard telephone numeric keypad, which only has numbers 0 - 9 and the symbols: * and #.
Endpoint An endpoint is a tool through which people can participate in a videoconference. Its display enables you to see and hear others in the meeting, while its microphone and camera enable you to be seen and heard by others. Endpoints include dedicated endpoints, like XT Executive, software endpoints, mobile device endpoints, room systems like XT Series, and telepresence systems like XT Telepresence.
Endpoint Alias See Alias on page 377.
FEC Forward Error Correction (FEC) is a proactive method of sending redundant information in the video stream to preempt quality degradation. FEC identifies the key frames in the video stream that should be protected by FEC. There are several variants of the FEC algorithm. The Reed-Solomon algorithm (FEC-RS) sends redundant packets per block of information, enabling the sender (like the Scopia Elite MCU and/or Equinox Media Server) to manage up to ten percent packet loss in the video stream with minimal impact on the smoothness and quality of the video.
April 2018 Deploying Avaya Equinox Solution 380 Comments on this document? [email protected] FECC
FECC Far End Camera Control (FECC) is a feature of endpoint cameras, where the camera can be controlled remotely by another endpoint in the call.
Forward Error See FEC on page 380. Correction
FPS See Frames Per Second on page 381.
Frame Rate See Frames Per Second on page 381.
Frames Per Second Frames Per Second (fps), also known as the frame rate, is a key measure in video quality, describing the number of image updates per second. The average human eye can register up to 50 frames per second. The higher the frame rate, the smoother the video.
FTP The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it.
Full HD Full HD, or Full High Definition, also known as 1080p, describes a video resolution of 1920 x 1080 pixels.
Full screen Video The full screen view shows one video image. Typically, it displays the Layout remote presentation, or, if there is no presentation, it displays the other meeting participant(s).
Gatekeeper A gatekeeper routes audio and video H.323 calls by resolving dial strings (H.323 alias or URI) into the IP address of an endpoint, and handles the initial connection of calls. Gatekeepers also implement the dial plan of an organization by routing H.323 calls depending on their dial prefixes. Equinox Management includes a built-in Avaya Equinox H.323 Gatekeeper, while H.323 Gatekeeper is a standalone gatekeeper.
Gateway A gateway is a component in a video solution which routes information between two subnets or acts as a translator between different protocols. For example, a gateway can route data between the headquarters and a partner site, or between two protocols like the Equinox TIP Gateway, or the 100 Gateway.
GLAN GLAN, or gigabit LAN, is the name of the network port on the XT Series. It is used on the XT Series to identify a 10/100/1000MBit ethernet port.
H.225 H.225 is part of the set of H.323 protocols. It defines the messages and procedures used by gatekeepers to set up calls.
April 2018 Deploying Avaya Equinox Solution 381 Comments on this document? [email protected] Glossary
H.235 H.235 is the protocol used to authenticate trusted H.323 endpoints and encrypt the media stream during meetings.
H.239 H.239 is a widespread protocol used with H.323 endpoints, to define the additional media channel for data sharing (like presentations) alongside the videoconference, and ensures only one presenter at a time.
H.243 H.243 is the protocol used with H.323 endpoints enabling them to remotely manage a videoconference.
H.245 H.245 is the protocol used to negotiate call parameters between endpoints, and can control a remote endpoint from your local endpoint. It is part of the H.323 set of protocols.
H.261 H.261 is an older protocol used to compress CIF and QCIF video resolutions. This protocol is not supported by the XT Series.
H.263 H.263 is an older a protocol used to compress video. It is an enhancement to the H.261 protocol.
H.264 H.264 is a widespread protocol used with SIP and H.323 endpoints, which defines video compression. Compression algorithms include 4x4 transforms and a basic motion comparison algorithm called P-slices. There are several profiles within H.264. The default profile is the H.264 Baseline Profile, but H.264 High Profile uses more sophisticated compression techniques.
H.264 Baseline See H.264 on page 382. Profile
H.264 High Profile H.264 High Profile is a standard for compressing video by up to 25% over the H.264 Baseline Profile, enabling high definition calls to be held over lower call speeds. It requires both sides of the transmission (sending and receiving endpoints) to support this protocol. H.264 High Profile uses compression algorithms like: • CABAC compression (Context-Based Adaptive Binary Arithmetic Coding) • 8x8 transforms which more effectively compress images containing areas of high correlation These compression algorithms demand higher computation requirements, which are offered with the dedicated hardware available in Equinox Solution components. Using H.264 High Profile in videoconferencing requires that both the sender and receiver's endpoints support it. This is different from SVC which is an adaptive technology working to improve quality even when only one side supports the standard.
H.320 H.320 is a protocol for defining videoconferencing over ISDN networks.
April 2018 Deploying Avaya Equinox Solution 382 Comments on this document? [email protected] H.323
H.323 H.323 is a widespread set of protocols governing the communication between endpoints in videoconferences and point-to-point calls. It defines the call signaling, control, media flow, and bandwidth regulation.
H.323 Alias See Alias on page 377.
H.350 H.350 is the protocol used to enhance LDAP user databases to add video endpoint information for users and groups.
H.460 H.460 enhances the standard H.323 protocol to manage firewall and NAT traversal using ITU-T standards. H.460–compliant endpoints can directly communicate with Equinox H.323 Edge. The endpoints act as H.460 clients and Equinox H.323 Edge acts as an H.460 server.
HD A HD ready device describes its high definition resolution capabilities of 720p, a video resolution of 1280 x 720 pixels.
High Availability High availability is a state where you ensure better service and less downtime by deploying additional servers. There are several strategies for achieving high availability, including deployment of redundant servers managed by load balancing systems.
High Definition See HD on page 383.
High Profile See H.264 High Profile on page 382.
HTTP The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext.
HTTPS HTTPS is the secured version of the standard web browser protocol HTTP. It secures communication between a web browser and a web server through authentication of the web site and encrypting communication between them. For example, you can use HTTPS to secure web browser access to the web interface of many Equinox Solution products.
Image Resolution See Resolution on page 387.
KBps Kilobytes per second (KBps) measures the bitrate in kilobytes per second, not kilobits, by dividing the number of kilobits by eight. Bitrate is normally quoted as kilobits per second (kbps) and then converted to kilobytes per second (KBps). Bitrate measures the throughput of data communication between two devices.
April 2018 Deploying Avaya Equinox Solution 383 Comments on this document? [email protected] Glossary
kbps Kilobits per second (kbps) is the standard unit to measure bitrate, measuring the throughput of data communication between two devices. Since this counts the number of individual bits (ones or zeros), you must divide by eight to calculate the number of kilobytes per second (KBps).
LDAP LDAP is a widespread standard database format which stores network users. The format is hierarchical, where nodes are often represented asbranch location > department > sub-department, orexecutives > managers > staff members. The database standard is employed by most user directories including Microsoft Active Directory. H.350 is an extension to the LDAP standard for the videoconferencing industry.
Lecture Mode Lecture mode allows the participant defined as the lecturer to see all the participants, while they see only the lecturer. All participants are muted except the lecturer, unless a participant asks permission to speak and is unmuted by the lecturer. This mode is tailored for distance learning, but you can also use it for other purposes like when an executive addresses employees during company-wide gatherings.
Legacy endpoints Legacy endpoints are H.323–based endpoints that do not support H.460.
Load balancer A load balancer groups together a set (or cluster) of servers to give them a single IP address, known as a virtual IP address. It distributes client service requests amongst a group of servers. It distributes loads according to different criteria such as bandwidth, CPU usage, or cyclic (round robin). Load balancers are also known as application delivery controllers (ADC).
Location A location is a physical space (building) or a network (subnet) where video devices can share a single set of addresses. A distributed deployment places these components in different locations, often connected via a VPN.
Management Management refers to the administration messages sent between components of the Equinox Solution as they manage and synchronize data between them. Management also includes front-end browser interfaces configuring server settings on the server. Management messages are usually transmitted via protocols like HTTP, SNMP, FTP or XML. For example, Equinox Management uses management messages to monitor the activities of an MCU/Media Server, or when it authorizes the MCU/Media Server to allow a call to proceed.
MBps Megabytes per second (MBps) is a unit of measure for the bitrate. The bitrate is normally quoted as kilobits per second (kbps) and then converted by dividing it by eight to reach the number of kilobytes per second (KBps) and then by a further 1000 to calculate the MBps.
April 2018 Deploying Avaya Equinox Solution 384 Comments on this document? [email protected] MCU
MCU An MCU, or Multipoint Control Unit, connects several endpoints to a single videoconference. It manages the audio mixing and creates the video layouts, adjusting the output to suit each endpoint's capabilities.
MCU service See Meeting Type on page 385.
Media Media refers to the live audio, video and shared data streams sent during a call. Presentation and Far end camera control (FECC) are examples of information carried on the data stream. Media is transmitted via the RTP and RTCP protocols in both SIP and H.323 calls. The parallel data stream of both live video and presentation, is known as dual video.
Media Control See Control on page 379.
Meeting Type Meeting types (also known as MCU/Media Server services) are meeting templates which determine the core characteristics of a meeting. For example, they determine if the meeting is audio only or audio and video, they determine the default video layout, the type of encryption, PIN protection and many other features. You can invoke a meeting type by dialing its prefix in front of the meeting ID. Meeting types are created and stored in the Avaya Equinox Media Server, with additional properties in Equinox Management.
Moderator A moderator has special rights in a videoconference, including blocking the sound and video of other participants, inviting new participants, disconnecting others, determining video layouts, and closing meetings. An owner of a virtual room is the moderator when the room is protected by a PIN. Without this protection, any participant can assume moderator rights.
MTU The MTU, or Maximum Transmission Unit, is the maximum size of data packets sent around your network. This value must remain consistent for all network components, including servers like the MCU and/or Equinox Media Server and endpoints like XT Series and other network devices like network routers.
Multi-Point A multi-point conference has more than two participants.
Multi-tenant Service provider, or multi-tenant, deployments enable one installation to manage multiple organizations. All the organizations can reside as tenants within a single service provider deployment. For example, Equinox Management can manage a separate set of users for each organization, separate local administrators, separate bandwidth policies etc. all within a single multi-tenant installation.
Multicast Streaming Multicast streaming sends a videoconference to multiple viewers across a range of addresses, reducing network traffic significantly. Avaya Equinox® multicasts to a single IP address, and streaming clients must tune in to
April 2018 Deploying Avaya Equinox Solution 385 Comments on this document? [email protected] Glossary
this IP address to view the meeting. Multicasts require that routers, switches and other equipment know how to forward multicast traffic.
NAT A NAT, or Network Address Translation device, translates external IP addresses to internal addresses housed in a private network. This enables a collection of devices like endpoints in a private network, each with their own internal IP address, can be represented publicly by a single, unique IP address. The NAT translates between public and private addresses, enabling users toplace calls between public network users and private network users.
NetSense NetSense is a proprietary Equinox Solution technology which optimizes the video quality according to the available bandwidth to minimize packet loss. As the available bandwidth of a connection varies depending on data traffic, NetSense's sophisticated algorithm dynamically scans the video stream, and then reduces or improves the video resolution to maximize quality with the available bandwidth.
OVA Open Virtualization Appliance. An OVA contains the virtual machine description, disk images, and a manifest zipped into a single file. The OVA follows the Distributed Management Task Force (DMTF) specification.
Over The Top Over The Top deployments of Avaya Equinox Solution are independent of deployments Avaya Aura®. The deployments use port-based licensing. Over The Top deployments are also called standalone deployments.
Packet Loss Packet loss occurs when some of the data transmitted from one endpoint is not received by the other endpoint. This can be caused by narrow bandwidth connections or unreliable signal reception on wireless networks.
PaP Video Layout The PaP (Picture and Picture) view shows up to three images of the same size.
Phantom Power Microphones which use phantom power draw their electrical power from the same cable as the audio signal. For example, if your microphone is powered by a single cable, it serves both to power the microphone and transmit the audio data. Microphones which have two cables, one for sound and a separate power cable, do not use phantom power.
PiP Video Layout The PiP (Picture In Picture) view shows a video image in the main screen, with an additional smaller image overlapping in the corner. Typically, a remote presentation is displayed in the main part of the screen, and the remote video is in the small image. If the remote endpoint does not show any content, the display shows the remote video in the main part of the screen, and the local presentation in the small image.
April 2018 Deploying Avaya Equinox Solution 386 Comments on this document? [email protected] Point-to-Point
Point-to-Point Point-to-point is a feature where only two endpoints communicate with each other without using MCU/Media Server resources.
PoP Video Layout The PoP (Picture out Picture) view shows up to three images of different size, presented side by side, where the image on the left is larger than the two smaller images on the right.
Prefix See Dial Prefix on page 380.
PTZ Camera A PTZ camera can pan to swivel horizontally, tilt to move vertically, and optically zoom to devote all the camera's pixels to one area of the image. For example, the XT Standard Camera is a PTZ camera with its own power supply and remote control, and uses powerful lenses to achieve superb visual quality. In contrast, fixed cameras like webcams only offer digital PTZ, where the zoom crops the camera image, displaying only a portion of the original, resulting in fewer pixels of the zoomed image, which effectively lowers the resolution. Fixed cameras also offer digital pan and tilt only after zooming, where you can pan up to the width or length of the original camera image.
Q.931 Q.931 is a telephony protocol used to start and end the connection in H. 323 calls.
QCIF QCIF, or Quarter CIF, defines a video resolution of 176 × 144 pixels (PAL) or 176 x 120 (NTSC). It is often used in older mobile handsets (3G-324M) limited by screen resolution and processing power.
Quality of Service Quality of Service (QoS) determines the priorities of different types of (QoS) network traffic (audio, video and control/signaling), so in poor network conditions, prioritized traffic is still fully transmitted.
Recordings A recording of a videoconference can be played back at any time. Recordings include audio, video and shared data (if presented). Users can access recordings from the web portal or using a web link to the recording on the portal.
Redundancy Redundancy is a way to deploy a network component, in which you deploy extra units as 'spares', to be used as backups in case one of the components fails.
Registrar A SIP Registrar manages the SIP domain by requiring that all SIP devices register their IP addresses with it. For example, once a SIP endpoint registers its IP address with the Registrar, it can place or receive calls with other registered endpoints.
Resolution Resolution, or image/video resolution, is the number of pixels which make up an image frame in the video, measured as the number of horizontal pixels x the number of vertical pixels. Increasing resolution improves video quality but typically requires higher bandwidth and more computing
April 2018 Deploying Avaya Equinox Solution 387 Comments on this document? [email protected] Glossary
power. Techniques like SVC, H.264 High Profile and FEC reduce bandwidth usage by compressing the data to a smaller footprint and compensating for packet loss.
Restricted Mode Restricted mode is used for ISDN endpoints only, when the PBX and line uses a restricted form of communication, reserving the top 8k of each packet for control data only. If enabled, the bandwidth values on these lines are in multiples of 56kbps, instead of multiples of 64kbps.
Room System A room system is a hardware videoconferencing endpoint installed in a physical conference room. Essential features include its camera's ability to PTZ (pan, tilt, zoom) to allow maximum flexibility of camera angles enabling participants to see all those in the meeting room or just one part of the room.
RTCP Real-time Control Transport Protocol, used alongside RTP for sending statistical information about the media sent over RTP.
RTP RTP or Real-time Transport Protocol is a network protocol which supports video and voice transmission over IP. It underpins most videoconferencing protocols today, including H.323, SIP and the streaming control protocol known as RTSP. The secured version of RTP is SRTP.
RTSP RTSP or Real-Time Streaming Protocol controls the delivery of streamed live or playback video over IP, with functions like pause, fast forward and reverse. While the media itself is sent via RTP, these control functions are managed by RTSP
Sampling Rate The sampling rate is a measure of the accuracy of the audio when it is digitized. To convert analog audio to digital, it must collect or sample the audio at specific intervals. As the rate of sampling increases, it raises audio quality.
SBC A Session Border Controller (SBC) is a relay device between two different networks. It can be used in firewall/NAT traversal, protocol translations and load balancing.
Scalability Scalability describes the ability to increase the capacity of a network device by adding another identical device (one or more) to your existing deployment. In contrast, a non-scalable solution would require replacing existing components to increase capacity.
SD Standard Definition (SD), is a term used to refer to video resolutions which are lower than HD. There is no consensus defining one video resolution for SD.
April 2018 Deploying Avaya Equinox Solution 388 Comments on this document? [email protected] Service
Service Also known as MCU/Media Server service. See Meeting Type on page 385.
SIF SIF defines a video resolution of 352 x 240 pixels (NTSC) or 352 x 288 (PAL). This is often used in security cameras.
Signaling Signaling, also known as call control, sets up, manages and ends a connection or call. These messages include the authorization to make the call, checking bandwidth, resolving endpoint addresses, and routing the call through different servers. Signaling is transmitted via the H.225.0/Q. 931 and H.225.0/RAS protocols in H.323 calls, or by the SIP headers in SIP calls. Signaling occurs before the control aspect of call setup.
Single Sign On Single Sign On (SSO) automatically uses your network login and password to access different enterprise systems. Using SSO, you do not need to separately login to each system or service in your organization.
SIP Session Initiation Protocol (SIP) is a signaling protocol for starting, managing and ending voice and video sessions over TCP, TLS or UDP. Videoconferencing endpoints typically are compatible with SIP or H.323, and in some cases (like Avaya Scopia® XT Series), an endpoint can be compatible with both protocols. As a protocol, it uses fewer resources than H.323.
SIP Registrar See Registrar on page 387.
SIP Server A SIP server is a network device communicating via the SIP protocol.
SIP URI See URI on page 391.
Slider See Content Slider on page 379.
SNMP Simple Network Management Protocol (SNMP) is a protocol used to monitor network devices by sending messages and alerts to their registered SNMP server.
Software endpoint A software endpoint turns a computer or portable device into a videoconferencing endpoint via a software application only. It uses the system's camera and microphone to send image and sound to the other participants, and displays their images on the screen.
SQCIF SQCIF defines a video resolution of 128 x 96 pixels.
SRTP Secure Real-time Transport Protocol (SRTP) adds security to the standard RTP protocol, which is used to send media (video and audio) between devices in SIP calls. It offers security with encryption, authentication and message integrity. The encryption uses a symmetric key generated at the start of the call, and being symmetric, the same key
April 2018 Deploying Avaya Equinox Solution 389 Comments on this document? [email protected] Glossary
locks and unlocks the data. So to secure transmission of the symmetric key, it is sent safely during call setup using TLS.
SSO See Single Sign On on page 389.
Standard Definition See SD on page 388.
Streaming Streaming is a method to send live or recorded videoconferences in one direction to viewers. Recipients can only view the content; they cannot participate with a microphone or camera to communicate back to the meeting. There are two types of streaming supported in Equinox Solution: unicast which sends a separate stream to each viewer, and multicast which sends one stream to a range of viewers.
STUN A STUN server enables you to directly dial an endpoint behind a NAT or firewall by giving that computer’s public internet address.
SVC SVC extends the H.264 codec standard to dramatically increase error resiliency and video quality without the need for higher bandwidth. It is especially effective over networks with high packet loss (like wireless networks) which deliver low quality video. It splits the video stream into layers, comprising a small base layer and then additional layers on top which enhance resolution, frame rate and quality. Each additional layer is only transmitted when bandwidth permits. This allows for a steady video transmission when available bandwidth varies, providing better quality when the bandwidth is high, and adequate quality when available bandwidth is poor.
SVGA SVGA defines a video resolution of 800 x 600 pixels.
Switched video Switching is the process of redirecting video as-is without transcoding, so you see only one endpoint's image at a time, usually the active speaker, without any video layouts or continuous presence (CP). Using video switching increases the port capacity of the Scopia Elite MCU and/or Equinox Media Server only by four times. Important: Use switched video only when all endpoints participating in the videoconference support the same resolution. If a network experiences high packet loss, switched video might not be displayed properly for all endpoints in the videoconference.
SXGA SXGA defines a video resolution of 1280 x 1024 pixels.
Team Engagement Team Engagement deployments of Avaya Equinox Solution are integrated deployments with Avaya Aura®. The deployments use user-based licensing for the main components.
April 2018 Deploying Avaya Equinox Solution 390 Comments on this document? [email protected] Telepresence
Telepresence A telepresence system combines two or more endpoints together to create a wider image, simulating the experience of participants being present in the same room. Telepresence systems always designate one of the endpoints as the primary monitor/camera/codec unit, while the remainder are defined as auxiliary or secondary endpoints. This ensures that you can issue commands via a remote control to a single codec base which leads and controls the others to work together as a single telepresence endpoint.
Telepresence - Dual Dual row telepresence rooms are large telepresence rooms with two rows row telepresence of tables that can host up to 18 participants. room
TLS TLS enables network devices to communicate securely using certificates, to provide authentication of the devices and encryption of the communication between them.
Transcoding Transcoding is the process of converting video into different sizes, resolutions or formats. This enables multiple video streams to be combined into one view, enabling continuous presence, as in a typical videoconferencing window.
UC (Unified UC, or unified communications deployments offer solutions covering a Communications) wide range of communication channels. These include audio (voice), video, text (IM or chat), data sharing (presentations), whiteboard sharing (interactive annotations on shared data).
Unbalanced An unbalanced microphone uses a cable that is not especially built to Microphone reduce interference when the cable is long. As a result, these unbalanced line devices must have shorter cables to avoid audio disruptions.
Unicast Streaming Unicast streaming sends a separate stream of a videoconference to each viewer. This is the default method of streaming. To save bandwidth, consider multicast streaming.
Unified Portal Unified Portal is a graphic user interface (GUI) for Avaya Equinox Solution users. Using this GUI, users can schedule and attend meetings. They can also access their recordings and broadcasts. It is the typical way that users interact with and access Avaya Equinox Streaming and Recording . There is a user guide for Unified Portal available on https:// support.avaya.com/. Avaya recommends distributing this guide to all users.
URI URI is an address format where the address consists of the endpoint's name or number, followed by the domain name of the server to which the endpoint is registered, such as
April 2018 Deploying Avaya Equinox Solution 391 Comments on this document? [email protected] Glossary
URI Dialing Accessing a device via its URI on page 391.
User profile A user profile is a set of capabilities or parameter values which can be assigned to a user. This includes available meeting types (services), access to functionality, and allowed bandwidth for calls.
VFU See Video Fast Update (VFU) on page 392.
VGA VGA defines a video resolution of 640 x 480 pixels.
Video Fast Update Video Fast Update (VFU) is a request for a refreshed video frame, sent (VFU) when the received video is corrupted by packet loss. In response to a VFU request, the broadcasting endpoint sends a new intra-frame to serve as the baseline for the ongoing video stream.
Video Layout A video layout is the arrangement of participant images as they appear on the monitor in a videoconference. If the meeting includes a presentation, a layout can also refer to the arrangement of the presentation image together with the meeting participants.
Video Resolution See Resolution on page 387.
Video Switching See Switched video on page 390.
Videoconference A videoconference is a meeting of more than two participants with audio and video using endpoints. Professional videoconferencing systems can handle many participants in single meetings, and multiple simultaneous meetings, with a wide interoperability score to enable a wide variety of endpoints to join the same videoconference. Typically you can also share PC content, like presentations, to other participants.
Viewer Portal The Avaya Equinox Streaming and Recording Viewer Portal is embedded in the Unified Portal. To access the Viewer Portal, you can select Recordings and Events on the main page of the Unified Portal. From the Viewer Portal, you can watch recordings and navigate through the categories.
Virtual Delivery Node The Avaya Equinox Streaming and Recording Virtual Delivery Node (VDN) is a device to push content to an external Content Delivery Network (CDN). The method for publishing content to a CDN is tightly coupled to the Avaya Equinox Streaming and Recording platform which allows a company's video assets to be managed from a central location. If you want to use a VDN and a CDN, you must buy cloud storage and services from Highwinds, with the appropriate bandwidth and capacity for your needs. You apply the credentials you receive from Highwinds in the Avaya Equinox Streaming and Recording Manager to securely access the CDN.
April 2018 Deploying Avaya Equinox Solution 392 Comments on this document? [email protected] Virtual Room
Virtual Room A virtual room offers a virtual meeting place for instant or scheduled videoconferences. An administrator can assign a virtual room to each member of the organization. Users can send invitations to each other via a web link which brings you directly into their virtual room. Virtual meeting rooms are also dialed like phone extension numbers, where a user’s virtual room number is often based on that person’s phone extension number. You can personalize your virtual room with PIN numbers, custom welcome slides and so on. External participants can use a zero-download web application to access a registered user's virtual room and participate in a videoconference.
VISCA Cable A crossed VISCA cable connects two PTZ cameras to enable you to use the same remote control on both.
Waiting Room A waiting room is a holding place for participants waiting for the host or moderator to join the meeting. While waiting, participants see a static image with the name of the owner's virtual room, with an optional audio message periodically saying the meeting will start when the host arrives.
Webcast A webcast is a streamed live broadcast of a videoconference over the internet. Enable webcasts by enabling the streaming feature. To invite users to the webcast, send an email or instant message containing the webcast link or a link to the Unified Portal and the meeting ID.
WUXGA WUXGA defines a video resolution of 1920 x 1200 pixels.
XGA XGA defines a Video resolution of 1024 x 768 pixels.
Zone Gatekeepers like H.323 Gatekeeper split endpoints into zones, where a group of endpoints in a zone are registered to a gatekeeper. Often a zone is assigned a dial prefix, and usually corresponds to a physical location like an organization's department or branch.
April 2018 Deploying Avaya Equinox Solution 393 Comments on this document? [email protected]